aboutsummaryrefslogtreecommitdiff
path: root/doc/security.mdwn
Commit message (Expand)AuthorAge
* mention that the CVE-2016-4561 fix was backportedsmcv2016-05-09
* Add CVE referenceSimon McVittie2016-05-06
* Document the security fixes in this releaseSimon McVittie2016-05-06
* revert link spamsmcv2015-10-04
* (no commit message)ketariman2015-10-04
* add more details of CVE-2015-2793smcv2015-04-14
* update for recent XSSJoey Hess2015-03-30
* update ikiwiki-update-wikilist docs to suggest putting it in /etc/sudoersJoey Hess2012-08-09
* some details about past security holeJoey Hess2012-05-17
* typoJoey Hess2012-05-16
* cveJoey Hess2012-05-16
* meta: Security fix; add missing sanitization of author and authorurl. Thanks,...Joey Hess2012-05-16
* ikiwiki-mass-rebuild: Fix tty hijacking vulnerability by using su. (Once su's...Joey Hess2011-06-08
* 404 automatically loads gotoJoey Hess2011-06-08
* CVE assignedJoey Hess2011-03-28
* use real nameGiuseppe Bilotta2011-03-28
* severity analysis updateJoey Hess2011-03-28
* releasing version 3.20110328Joey Hess2011-03-28
* meta: Security fix; don't allow alternative stylesheets to be added on pages ...Joey Hess2011-03-28
* Fix typo: s/insertation/insertion/gJosh Triplett2011-03-09
* backportJoey Hess2011-01-22
* releasing version 3.20110122Joey Hess2011-01-22
* document XSSJoey Hess2011-01-22
* CVE idJoey Hess2010-11-12
* releasing version 3.20101112Joey Hess2010-11-12
* security issueJoey Hess2010-11-12
* update re template changeJoey Hess2010-04-23
* Despam, again. Someone ban adrianna please?Simon McVittie2010-04-02
* (no commit message)adrianna2010-04-02
* htmlscrubber: Security fix: In data:image/* uris, only allow a few whiteliste...Joey Hess2010-03-12
* CVEJoey Hess2009-08-30
* still mispelling josh's name..Joey Hess2009-08-30
* teximg security problemJoey Hess2009-08-30
* Fix version.JoshTriplett2008-12-31
* note fix versionsJoey Hess2008-11-12
* check for invalid utf-8, and toss it back to avoid crashesJoey Hess2008-11-12
* remove ikiwiki.setupJoey Hess2008-07-26
* Migrate everything else via prefix_directivesSimon McVittie2008-07-21
* updateJoey Hess2008-07-02
* cve idJoey Hess2008-05-31
* fix linkJoey Hess2008-05-30
* more on the security holeJoey Hess2008-05-30
* documentation for use of hashed passwordsJoey Hess2008-05-29
* add CVE linkJoey Hess2008-04-20
* releasing version 2.42Joey Hess2008-04-10
* Fix CSRF attacks against the preferences and edit forms. Closes: #475445Joey Hess2008-04-10
* fix what I think is a typoJoey Hess2008-04-10
* add CVE idsJoey Hess2008-02-20
* some updates about the recent holeJoey Hess2008-02-10
* a few thoughts on data: securityJoey Hess2008-02-10