Accepted ikiwiki 1.33.4 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 10 Feb 2008 13:34:28 -0500
Source: ikiwiki
Binary: ikiwiki
Architecture: source all
Version: 1.33.4
Distribution: stable-security
Urgency: high
Maintainer: Joey Hess <joeyh@debian.org>
Changed-By: Joey Hess <joeyh@debian.org>
Description:
ikiwiki - a wiki compiler
Closes: 465110
Changes:
ikiwiki (1.33.4) stable-security; urgency=high
.
* htmlscrubber security fix: Block javascript in uris. Closes: #465110
* meta: Check that the urls provided for authorurl, permalink, and openid
are safe and can't contain javascript.
* Add htmlscrubber test suite.
* Thanks to Josh Triplett for pointing out the holes and for his help
in implementing and checking fixes.
Files:
2e29116078a22cf014f69352c3060ca7 1015 web optional ikiwiki_1.33.4.dsc
e9004c649fd2868f98db48f9d1a88cb5 227057 web optional ikiwiki_1.33.4.tar.gz
8b5e0688e39749041a501898528f5aa5 273414 web optional ikiwiki_1.33.4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR97XI797/wQC1SS+AQIcVAf+M+0sHhxIeW0VA7ne/IAqyB+j+V9nE9Pf
+iQwXsVQMl69g/LZgkne+xCWV43ypkQl3ENK3plRzR8bPTcrOP2/xvcJk1ezlKem
UmTge4HPhONXlwzqwVmmEt5+Br2vYv5D1eVyuoUV0+7+yfieCx3QK/y+BOuU/gQ6
2psjsIvLshU+vR9uY3/4T7+tJAOyUAK72l6NkMa/MJSM+BiCBzgsB8GhEfXyElIe
XVr4SAqfa/ESIou3X4XalV61W/Q0XxdSTIq7j+Ib09zkDxENsBdwPuwGSKyiMStU
878d+/wye7RqncMF8yda51ZvD8t0kL7VeGaE3mNKAcmidjk4TfjUmA==
=Gell
-----END PGP SIGNATURE-----
Accepted:
ikiwiki_1.33.4.dsc
to pool/main/i/ikiwiki/ikiwiki_1.33.4.dsc
ikiwiki_1.33.4.tar.gz
to pool/main/i/ikiwiki/ikiwiki_1.33.4.tar.gz
ikiwiki_1.33.4_all.deb
to pool/main/i/ikiwiki/ikiwiki_1.33.4_all.deb
Reply to: