From 0abef571c74e054bd6dfbaee140f1b334cdaa6e2 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@debian.org>
Date: Fri, 6 May 2016 21:35:14 +0100
Subject: Add CVE reference

---
 doc/news/version_3.20160506.mdwn | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'doc/news')

diff --git a/doc/news/version_3.20160506.mdwn b/doc/news/version_3.20160506.mdwn
index 331a48b6b..6800a3022 100644
--- a/doc/news/version_3.20160506.mdwn
+++ b/doc/news/version_3.20160506.mdwn
@@ -22,7 +22,7 @@ ikiwiki 3.20160506 released with [[!toggle text="these changes"]]
 [[!toggleable text="""
  * [ [[Simon McVittie|smcv]] ]
    * HTML-escape error messages, in one case avoiding potential cross-site
-     scripting (OVE-20160505-0012)
+     scripting ([[!cve CVE-2016-4561]], OVE-20160505-0012)
    * Mitigate ImageMagick vulnerabilities such as CVE-2016-3714:
      - img: force common Web formats to be interpreted according to extension,
        so that "allowed\_attachments: '*.jpg'" does what one might expect
-- 
cgit v1.2.3