[SECURITY] Fedora 13 Update: ikiwiki-3.20100815.7-1.fc13
updates at fedoraproject.org
updates at fedoraproject.org
Thu Apr 21 22:26:49 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-5173
2011-04-11 20:27:40
--------------------------------------------------------------------------------
Name : ikiwiki
Product : Fedora 13
Version : 3.20100815.7
Release : 1.fc13
URL : http://ikiwiki.info/
Summary : A wiki compiler
Description :
Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages
suitable for publishing on a website. Ikiwiki stores pages and history
in a revision control system such as Subversion or Git. There are many
other features, including support for blogging, as well as a large
array of plugins.
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 3.20100815.7.
Security fixes:
* Possible javascript insertion via insufficient htmlscrubbing of alternate stylesheets. (CVE-2011-1401)
* Javascript insertion via insufficient checking in comments. (CVE-2011-0428)
* Javascript insertion via insufficient htmlscrubbing of comments. (CVE-2010-1673)
See http://git.ikiwiki.info/?p=ikiwiki;a=blobdiff;f=debian/changelog;hb=3.20100815.7;hpb=3.20100722 for the full list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 10 2011 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100815.7-1
- Update to 3.20100815.7.
* Fri Jul 30 2010 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100722-1
- Update to 3.20100722.
* Fri Jul 2 2010 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100623-1
- Rebase libexecdir patch.
- Update to 3.20100623.
* Wed Jun 23 2010 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100610-1
- Update to 3.20100610.
* Tue Jun 1 2010 Marcela Maslanova <mmaslano at redhat.com> - 3.20100518.2-2
- Mass rebuild with perl-5.12.0
* Sun May 30 2010 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100518.2-1
- Update to 3.20100518.2.
* Sat May 8 2010 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100504-1
- Update to 3.20100504.
* Wed May 5 2010 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100501-1
- Update to 3.20100501.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #695501 - CVE-2011-1401 ikiwiki: XSS via crafted CSS token sequences
https://bugzilla.redhat.com/show_bug.cgi?id=695501
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ikiwiki' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list