aboutsummaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog9
1 files changed, 7 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog
index 456d4b908..299d7d571 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,14 @@
-ikiwiki (2.14) UNRELEASED; urgency=low
+ikiwiki (2.14) unstable; urgency=high
* Let CC be used to control what compiler is used to build wrappers.
* Use 'cc' instead of gcc as the default compiler.
+ * Security fix: Ensure that there are no symlinks anywhere in the path
+ to the top of the srcdir. In certian unusual configurations, an attacker
+ who could commit to one of the parent directories of the srcdir could
+ use a symlink attack to cause ikiwiki to publish files elsewhere in the
+ filesystem. More details at <http://ikiwiki.info/security/#index29h2>
- -- Joey Hess <joeyh@debian.org> Sun, 25 Nov 2007 15:49:49 -0500
+ -- Joey Hess <joeyh@debian.org> Mon, 26 Nov 2007 15:26:06 -0500
ikiwiki (2.13) unstable; urgency=low