From 22acf1872a746af65b2f5487991ff008e52ed1c2 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 16 May 2012 21:18:40 -0400 Subject: cve --- doc/security.mdwn | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'doc/security.mdwn') diff --git a/doc/security.mdwn b/doc/security.mdwn index 99f40d3f1..c221c8c6d 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -492,6 +492,8 @@ and whose admins run `ikiwiki-mass-rebuild`. ## javascript insertion via meta tags Raúl Benencia discovered an additional XSS exposure in the meta plugin. +([[!cvs CVE-2012-0220]]) This hole was discovered on 16 May 2012 and fixed the same day with -the release of ikiwiki 3.20120516. +the release of ikiwiki 3.20120516. A fix was backported to Debian squeeze, +as version 3.20100815.9. An upgrade is recommended for all sites. -- cgit v1.2.3