Accepted ikiwiki 3.20160506 (all source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 06 May 2016 07:54:26 +0100
Source: ikiwiki
Binary: ikiwiki
Architecture: all source
Version: 3.20160506
Distribution: unstable
Urgency: medium
Maintainer: Simon McVittie <smcv@debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Description:
ikiwiki - wiki compiler
Changes:
ikiwiki (3.20160506) unstable; urgency=medium
.
[ Simon McVittie ]
* img: stop ImageMagick trying to be clever if filenames contain a colon,
avoiding mis-processing
* HTML-escape error messages, in one case avoiding potential cross-site
scripting (OVE-20160505-0012)
* Mitigate ImageMagick vulnerabilities such as CVE-2016-3714:
- img: force common Web formats to be interpreted according to extension,
so that "allowed_attachments: '*.jpg'" does what one might expect
- img: restrict to JPEG, PNG and GIF images by default, again mitigating
CVE-2016-3714 and similar vulnerabilities
- img: check that the magic number matches what we would expect from
the extension before giving common formats to ImageMagick
* d/control: use https for Homepage
* d/control: add Vcs-Browser
.
[ Joey Hess ]
* img: Add back support for SVG images, bypassing ImageMagick and
simply passing the SVG through to the browser, which is supported by all
commonly used browsers these days.
SVG scaling by img directives has subtly changed; where before
size=wxh would preserve aspect ratio, this cannot be done when passing
them through and so specifying both a width and height can change
the SVG's aspect ratio.
* loginselector: When only openid and emailauth are enabled, but
passwordauth is not, avoid showing a "Other" box which opens an
empty form.
.
[ Amitai Schlair ]
* mdwn: Process .md like .mdwn, but disallow web creation.
.
[ Florian Wagner ]
* git: Correctly handle filenames starting with a dash in add/rm/mv.
Checksums-Sha1:
52306cd282430e59b4065f121f2c51d24f8d0a58 2127 ikiwiki_3.20160506.dsc
1427f7e2cae0afb828b5c6e8121057b9b7309f2b 3434284 ikiwiki_3.20160506.tar.gz
e7026321fd460be819e3f9b2b958db87da7c0152 1407378 ikiwiki_3.20160506_all.deb
Checksums-Sha256:
452cb29e5222b79528d5010838800342ff4aae68a5e7b579ff75bff90fef7c23 2127 ikiwiki_3.20160506.dsc
c14ba0f5d1dc4adf0b0f85c6f9979c91f48aaf1588e1dacf0f1a6cacc972ea5c 3434284 ikiwiki_3.20160506.tar.gz
7a14946eb295984a433dbe37fb003bca73ea0d4548ae2b7f072110c28a271132 1407378 ikiwiki_3.20160506_all.deb
Files:
f0c94d0af35ae8f5487e9bc9d4f95900 2127 web optional ikiwiki_3.20160506.dsc
3b099c2c944e8c9a12cda13dede8ce2e 3434284 web optional ikiwiki_3.20160506.tar.gz
cccbf451c32b01050b90f5cfa74ec0ef 1407378 web optional ikiwiki_3.20160506_all.deb
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJXLOrsAAoJEE3o/ypjx8yQPvoP/iZFzspjkToDILSIuLseHLOX
aMqmB6ORp9V+daEoMV3/3HzIDQPSQsj3fwiO+MozaLFvlMmvynXY/+tv7Y+5KiLJ
hXjhZtaFh7F2elr1AhUaUIGCZl15/YgVUvL1yTDJ/7/+PdYanazTmM6JuSQLiYpR
pz+yk8FER7CIwcZep5A/hMCx5ENVjmPQ5Dbcb/rPg5AmL0JRICIyfpsqseSQLpiZ
3tuGwdYoXXg+jY9qWSldeQLBvT4bbQoxmioYLiT2zwOVlCppH3XEklA4rV1TLuyz
mIu/axX9Unn7RHoE614v+JliGP92RomNgbPcJt42TjvKqaGzYOWM8a4YzaxcIzdw
eQaQa1A2KROftLG11FtfuykHzt1A45SaCyLsFq2aPBKF6QmExoGgwbEomKDyzyU8
XLXSlEFdVBMhUIF0pQTwRPUtudlg6c1VCd14Ny8Sb9bG9y+vv7Qp0Ygc5W21VV5n
vmCu3u9SCdETpWrkRjPj0L0eomzq/vtWdHunmuL4Cg4kL3gkmJwLYGRF6Y3WkdCZ
guvZqfMXPj5m7yM0uO7EbaZYRbtTd+IaHZisvj4F7dlSPsXDqPh8U3nroqrpaoE/
fqUdnU7z/vgiYApTWAmZPkDhihd9oc3VAVmzdRCiIrFuSKfvFwFnRAHeAKAlH22S
dF0p3bZT8jVcxeYvVMME
=/6mW
-----END PGP SIGNATURE-----