-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 10 Apr 2008 16:49:24 -0400 Source: ikiwiki Binary: ikiwiki Architecture: source all Version: 1.33.5 Distribution: stable-security Urgency: high Maintainer: Joey Hess <joeyh@debian.org> Changed-By: Joey Hess <joeyh@debian.org> Description: ikiwiki - a wiki compiler Closes: 47544 Changes: ikiwiki (1.33.5) stable-security; urgency=high . * Fix CSRF attacks against the preferences and edit forms. The fix involved embedding the session id in the forms, and not allowing the forms to be submitted if the embedded id does not match the session id. Closes: #47544 Files: d7fe70296ad9c6b2681f9ad60cf0d785 1015 web optional ikiwiki_1.33.5.dsc ef6aa241ce3d9b3b4cc3750ed83ec578 228378 web optional ikiwiki_1.33.5.tar.gz c744a37e80d49d8c58cfb84fd4f6e4d6 273800 web optional ikiwiki_1.33.5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSAscXb97/wQC1SS+AQKY3wf+PYVSwLv5YSc6LjZW1lTcgE/Crp3M+4Rd LicO+NKnOLyRY/hRN+Zlum/J2sfnclNuEZ88UE2OegLQrT8DG7X0IfPIVIbb5vNm 18jOJLcAvWnS4m72CDOEUxGwHDR8oM8f3dv1YR0LO2BVBV3bnU4P9VDbwg7qXzcj Zlgv7dPvEOyGUOkxOm7K8ws1/zAvA8Z2+HhN8VOsFZjE1td1pP93tCCMXF/XCxZB wYCYYrz6tSJZNQ1U1tiYZhnrIddhWZM0OdyjCAlMI34lD5kr129BgO8z7KR2dDH6 PgjOz0/jdKZ0+RPCkoE4SMmL/oma/SPR5QfMy85Rul1ZuhfCweZBXg== =4J2O -----END PGP SIGNATURE----- Accepted: ikiwiki_1.33.5.dsc to pool/main/i/ikiwiki/ikiwiki_1.33.5.dsc ikiwiki_1.33.5.tar.gz to pool/main/i/ikiwiki/ikiwiki_1.33.5.tar.gz ikiwiki_1.33.5_all.deb to pool/main/i/ikiwiki/ikiwiki_1.33.5_all.deb
