urosm
/
ikiwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

master
adrianna 2010-04-02 12:24:14 +00:00 committed by Joey Hess
parent e0074b91c7
commit caa397b768
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/security.mdwn
View File

@ -376,7 +376,7 @@ parties.
Cross Site Request Forging could be used to constuct a link that would Cross Site Request Forging could be used to constuct a link that would
change a logged-in user's password or other preferences if they clicked on change a logged-in user's password or other preferences if they clicked on
the link. It could also be used to construct a link that would cause a wiki the link. It could also be used to construct a link that would cause a wiki
page to be modified by a logged-in user. ([[!cve CVE-2008-0165]]) page [order essay](http://custom-paper-writing.com/order) to be modified by a logged-in user. ([[!cve CVE-2008-0165]])
These holes were discovered on 10 April 2008 and fixed the same day with These holes were discovered on 10 April 2008 and fixed the same day with
the release of ikiwiki 2.42. A fix was also backported to Debian etch, as the release of ikiwiki 2.42. A fix was also backported to Debian etch, as
@ -415,7 +415,7 @@ can cause it to crash. This can potentially be used for a denial of service
attack. attack.
intrigeri discovered this problem on 12 Nov 2008 and a patch put in place intrigeri discovered this problem on 12 Nov 2008 and a patch put in place
later that day, in version 2.70. The fix was backported to testing as version later that day, in version 2.70. The fix was backported [write my essay](http://custom-essay-writing-service.org/faq.php) to testing as version
2.53.3, and to stable as version 1.33.7. 2.53.3, and to stable as version 1.33.7.
## Insufficient blacklisting in teximg plugin ## Insufficient blacklisting in teximg plugin