add news item for ikiwiki 2.53

2008-07-09 17:01:10 -04:00 · 2008-07-09 17:01:10 -04:00 · 6ebb411e8b
parent e798633159
commit 6ebb411e8b
2 changed files with 11 additions and 27 deletions
--- a/doc/news/version_2.48.mdwn
+++ b/doc/news/version_2.48.mdwn
@ -1,27 +0,0 @@
-**This release fixes an important security hole, upgrade immediately.**
-
-News for ikiwiki 2.48:
-
-   If you allowed password based logins to your wiki, those passwords were
-   stored in cleartext in the userdb. To guard against exposing users'
-   passwords, I recommend you install the [[cpan Authen::Passphrase]] perl module, and
-   then run `ikiwiki-transition hashpassword /path/to/srcdir` to replace all
-   existing cleartext passwords with strong (blowfish) hashes.
-
-ikiwiki 2.48 released with [[toggle text="these changes"]]
-[[toggleable text="""
-   * Fix security hole that occurred if openid and passwordauth were both
-     enabled. passwordauth would allow logging in as a known openid, with an
-     empty password. Closes: #[483770](http://bugs.debian.org/483770)
-     (CVE-2008-0169)
-   * Add rel=nofollow to edit links. This may prevent some spiders from
-     pounding on the cgi following edit links.
-   * passwordauth: If Authen::Passphrase is installed, use it to store
-     password hashes, crypted with Eksblowfish.
-   * `ikiwiki-transiition hashpassword /path/to/srcdir` can be used to
-     hash existing plaintext passwords.
-   * Passwords will no longer be mailed, but instead a password reset link.
-   * The password\_cost config setting is provided as a "more security" knob.
-   * teximg: Fix logurl.
-   * teximg: If the log isn't written, avoid ugly error messages.
-   * Updated French translation. Closes: #[478530](http://bugs.debian.org/478530)"""]]
--- a/doc/news/version_2.53.mdwn
+++ b/doc/news/version_2.53.mdwn
@ -0,0 +1,11 @@
+ikiwiki 2.53 released with [[toggle text="these changes"]]
+[[toggleable text="""
+   * search: generate configuration files once only when rebuilding
+     (Gabriel McManus)
+   * attachment: Fix an uninitialised value warning when editing a page
+     that currently has no attachments.
+   * Fix a bug with links to pages whose names contained colons.
+   * attachment: Support old versions of CGI.pm that lack an upload method.
+   * Include ikiwiki.setup in examples in the debian package.
+   * attachment: Support perl 5.8's buggy version of CGI.pm.
+   * otl: Support utf-8 files. (Recai Oktaş)"""]]