urosm
/
ikiwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

some details about past security hole

master
Joey Hess 2012-05-17 13:20:55 -04:00
parent 5fbfab9bae
commit 9ff1edb5b9
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
doc/security.mdwn
View File

@ -484,10 +484,10 @@ for information disclosure via symlinks. ([[!cve CVE-2011-1408]])
This hole was discovered on 8 June 2011 and fixed the same day with This hole was discovered on 8 June 2011 and fixed the same day with
the release of ikiwiki 3.20110608. Note that the fix is dependant on the release of ikiwiki 3.20110608. Note that the fix is dependant on
a version of su that has a similar hole fixed; [[!debbug 628843]] a version of su that has a similar hole fixed. Version 4.1.5 of the shadow
tracks fixing the hole in Debian's su. An upgrade is a must for any package contains the fixed su; [[!debbug 628843]] tracks fixing the hole in
sites that have `ikiwiki-update-wikilist` installed suid (not the default), Debian. An upgrade is a must for any sites that have `ikiwiki-update-wikilist`
and whose admins run `ikiwiki-mass-rebuild`. installed suid (not the default), and whose admins run `ikiwiki-mass-rebuild`.
## javascript insertion via meta tags ## javascript insertion via meta tags