Alexander Wirt uploaded a new package for ikiwiki which fixed the following security problem: Feeding ikiwiki page sources containing certian forms of malformed UTF-8 can cause it to crash. This can potentially be used for a denial of service attack. For the etch-backports distribution the problem has been fixed in version 2.53.3~bpo40+1. For the lenny distribution the problem has been fixed in version 2.53.3. For the sid distribution the problem has been fixed in version 2.70. Upgrade instructions --------------------- If you don't use pinning (see [1]) you have to update ikiwiki manually via "apt-get -t etch-backports install ikiwiki". [1] <http://backports.org/dokuwiki/doku.php?id=instructions> We recommend to pin the backports repository to 200 so that new versions of installed backports will be installed automatically: Package: * Pin: release a=etch-backports Pin-Priority: 200 -- Alexander Wirt, formorer@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A
Attachment:
signature.asc
Description: Digital signature