aboutsummaryrefslogtreecommitdiff
path: root/doc/news/version_3.20141016.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'doc/news/version_3.20141016.mdwn')
-rw-r--r--doc/news/version_3.20141016.mdwn36
1 files changed, 36 insertions, 0 deletions
diff --git a/doc/news/version_3.20141016.mdwn b/doc/news/version_3.20141016.mdwn
new file mode 100644
index 000000000..3a93102bd
--- /dev/null
+++ b/doc/news/version_3.20141016.mdwn
@@ -0,0 +1,36 @@
+ikiwiki 3.20141016 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ [ Joey Hess ]
+ * Fix crash that can occur when only_committed_changes is set and a
+ file is deleted from the underlay.
+
+ [ Simon McVittie ]
+ * core: avoid dangerous use of CGI->param in list context, which led
+ to a security flaw in Bugzilla; as far as we can tell, ikiwiki
+ is not vulnerable to a similar attack, but it's best to be safe
+ * core: new reverse_proxy option prevents ikiwiki from trying to detect
+ how to make self-referential URLs by using the CGI environment variables,
+ for instance when it's deployed behind a HTTP reverse proxy
+ (Closes: [[!debbug 745759]])
+ * core: the default User-Agent is now "ikiwiki/$version" to work around
+ ModSecurity rules assuming that only malware uses libwww-perl
+ * core: use protocol-relative URLs (e.g. //www.example.com/wiki) so that
+ https stays on https and http stays on http, particularly if the
+ html5 option is enabled
+ * core: avoid mixed content when a https cgiurl links to http static pages
+ on the same server (the static pages are assumed to be accessible via
+ https too)
+ * core: force the correct top URL in w3mmode
+ * google plugin: Use search form
+ * docwiki: replace Paypal and Flattr buttons with text links
+ * comments: don't record the IP address in the wiki if the user is
+ logged in via passwordauth or httpauth
+ * templates: add ARIA roles to some page elements, if html5 is enabled.
+ Thanks, Patrick
+ * debian: build-depend on libmagickcore-6.q16-2-extra | libmagickcore-extra
+ so we can thumbnail SVGs in the docwiki
+ * debian: explicitly depend and build-depend on libcgi-pm-perl
+ * debian: drop unused python-support dependency
+ * debian: rename debian/link to debian/links so the intended symlinks appear
+ * debian: fix some wrong paths in the copyright file
+"""]]
generated by cgit v1.2.3 (git 2.25.4) at 2024-05-21 08:42:38 +0000