-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 10 Feb 2008 13:34:28 -0500 Source: ikiwiki Binary: ikiwiki Architecture: source all Version: 1.33.4 Distribution: stable-security Urgency: high Maintainer: Joey Hess <joeyh@debian.org> Changed-By: Joey Hess <joeyh@debian.org> Description: ikiwiki - a wiki compiler Closes: 465110 Changes: ikiwiki (1.33.4) stable-security; urgency=high . * htmlscrubber security fix: Block javascript in uris. Closes: #465110 * meta: Check that the urls provided for authorurl, permalink, and openid are safe and can't contain javascript. * Add htmlscrubber test suite. * Thanks to Josh Triplett for pointing out the holes and for his help in implementing and checking fixes. Files: 2e29116078a22cf014f69352c3060ca7 1015 web optional ikiwiki_1.33.4.dsc e9004c649fd2868f98db48f9d1a88cb5 227057 web optional ikiwiki_1.33.4.tar.gz 8b5e0688e39749041a501898528f5aa5 273414 web optional ikiwiki_1.33.4_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBR97XI797/wQC1SS+AQIcVAf+M+0sHhxIeW0VA7ne/IAqyB+j+V9nE9Pf +iQwXsVQMl69g/LZgkne+xCWV43ypkQl3ENK3plRzR8bPTcrOP2/xvcJk1ezlKem UmTge4HPhONXlwzqwVmmEt5+Br2vYv5D1eVyuoUV0+7+yfieCx3QK/y+BOuU/gQ6 2psjsIvLshU+vR9uY3/4T7+tJAOyUAK72l6NkMa/MJSM+BiCBzgsB8GhEfXyElIe XVr4SAqfa/ESIou3X4XalV61W/Q0XxdSTIq7j+Ib09zkDxENsBdwPuwGSKyiMStU 878d+/wye7RqncMF8yda51ZvD8t0kL7VeGaE3mNKAcmidjk4TfjUmA== =Gell -----END PGP SIGNATURE----- Accepted: ikiwiki_1.33.4.dsc to pool/main/i/ikiwiki/ikiwiki_1.33.4.dsc ikiwiki_1.33.4.tar.gz to pool/main/i/ikiwiki/ikiwiki_1.33.4.tar.gz ikiwiki_1.33.4_all.deb to pool/main/i/ikiwiki/ikiwiki_1.33.4_all.deb
