[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 812-1] ikiwiki security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : ikiwiki
Version        : 3.20120629.2+deb7u2
CVE ID         : CVE-2016-9646 CVE-2016-10026 CVE-2017-0356

Several vulnerabilities have been found in ikiwiki, a wiki compiler:

CVE-2016-9646

    Commit metadata forgery

CVE-2016-10026

    Authorization bypass when reverting changes

CVE-2017-0356

    Authentication bypass via repeated parameters

For Debian 7 "Wheezy", these problems have been fixed in version
3.20120629.2+deb7u2.

We recommend that you upgrade your ikiwiki packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAliQ834ACgkQnUbEiOQ2
gwIoeRAAxEo7VM/VfbH88o89gI42UpqnpC7m4/p83bpPP3WTbW5KwBemJ8IRfn/i
QesVtU0f8qJFtNeouTqDQTKb23g28PZGfAfNTinYb0jOJRouk8PS/D17YSxal4LL
scfb9X8GgScDQ+vZ/QyfvFa4f7Xwbz0Uo4btiUtw8v1WrcbmRjuV1ISWRu3sGzmJ
CTzVGa0Y8Rq0yGgDBzw+jzF0DAKEXVBx1Ccmr6fTkM6x6EbVK5phdSo4Fe1uZGc+
2s6nfTrseKP89n8TlXkcTKXGoOrGz8aZ9NBENEf9BxGzXLFcVmGJ0m6iDdQ6zUwl
n/guav6cYB0ElFMtfGOJyf/A01pesWMAggvzb0mg79L/acWNhZjP6f3GbCJr+xkt
xZPz+GBEsytyAkJ2RowyDd/aZlhy23DAFwf1BaKmayYxnWeuaymF5uY7zvEvRlBc
RB53CKMnfivdfR2b/i7GuICEeDQy0sG73GggWdFvHPAkX1p4c3SimNHqlg2xXvWO
tJk3eNJGeUG5kkbNDYOxbn5vZazkKvRGbtHJ6Xbd6tnE5HWtAU1IUiRHNbIsLNwc
vrs5SUE1AOFjo9mOgUrEu+pPnwUDeIso+j+OT7slRfIzTdVmRqNCL6vuwoMvbFMX
SCjeKj/H6QRthAw+hfex2+pw30dMXYkR3ACDc0krs1lDNowILs0=
=0A0c
-----END PGP SIGNATURE-----


Reply to: