projects
/
ikiwiki.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
5acec79
)
still mispelling josh's name..
author
Joey Hess
<joey@gnu.kitenet.net>
Sun, 30 Aug 2009 19:32:42 +0000
(15:32 -0400)
committer
Joey Hess
<joey@gnu.kitenet.net>
Sun, 30 Aug 2009 19:32:42 +0000
(15:32 -0400)
doc/security.mdwn
patch
|
blob
|
history
diff --git
a/doc/security.mdwn
b/doc/security.mdwn
index ba3eac1874ccc7a151205e947aed1185932288ee..200ae29e22831abecec7dfbc2da9c1b07ab07bbf 100644
(file)
--- a/
doc/security.mdwn
+++ b/
doc/security.mdwn
@@
-420,7
+420,7
@@
later that day, in version 2.70. The fix was backported to testing as version
## Insufficient blacklisting in teximg plugin
-Josh Trip
ple
t discovered on 28 Aug 2009 that the teximg plugin's
+Josh Trip
let
t discovered on 28 Aug 2009 that the teximg plugin's
blacklisting of insecure TeX commands was insufficient; it could be
bypassed and used to read arbitrary files. This was fixed by
enabling TeX configuration options that disallow unsafe TeX commands.