cve
parent
6f897f53da
commit
22acf1872a
|
@ -1,7 +1,7 @@
|
|||
ikiwiki (3.20120516) unstable; urgency=high
|
||||
|
||||
* meta: Security fix; add missing sanitization of author and authorurl.
|
||||
Thanks, Raúl Benencia
|
||||
CVE-2012-0220 Thanks, Raúl Benencia
|
||||
|
||||
-- Joey Hess <joeyh@debian.org> Wed, 16 May 2012 19:51:27 -0400
|
||||
|
||||
|
|
|
@ -492,6 +492,8 @@ and whose admins run `ikiwiki-mass-rebuild`.
|
|||
## javascript insertion via meta tags
|
||||
|
||||
Raúl Benencia discovered an additional XSS exposure in the meta plugin.
|
||||
([[!cvs CVE-2012-0220]])
|
||||
|
||||
This hole was discovered on 16 May 2012 and fixed the same day with
|
||||
the release of ikiwiki 3.20120516.
|
||||
the release of ikiwiki 3.20120516. A fix was backported to Debian squeeze,
|
||||
as version 3.20100815.9. An upgrade is recommended for all sites.
|
||||
|
|
Loading…
Reference in New Issue