diff options
Diffstat (limited to 'doc/news/version_3.20170111.mdwn')
| -rw-r--r-- | doc/news/version_3.20170111.mdwn | 10 |
1 files changed, 0 insertions, 10 deletions
diff --git a/doc/news/version_3.20170111.mdwn b/doc/news/version_3.20170111.mdwn deleted file mode 100644 index 03b2ac2c4..000000000 --- a/doc/news/version_3.20170111.mdwn +++ /dev/null @@ -1,10 +0,0 @@ -ikiwiki 3.20170111 released with [[!toggle text="these changes"]] -[[!toggleable text=""" - * passwordauth: prevent authentication bypass via multiple name - parameters (CVE-2017-0356, OVE-20170111-0001) - * passwordauth: avoid userinfo forgery via repeated email parameter - (also in the scope of CVE-2017-0356) - * CGI, attachment, passwordauth: harden against repeated parameters - (not believed to have been a vulnerability) - * remove: make it clearer that repeated page parameter is OK here - * t/passwordauth.t: new automated test for passwordauth"""]]
\ No newline at end of file |