From: joey Date: Mon, 28 Aug 2006 04:35:49 +0000 (+0000) Subject: update X-Git-Tag: 1.22~29 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=4a4c0b626874e9c5db38a54c678689805f790d74;p=ikiwiki.git update --- diff --git a/doc/security.mdwn b/doc/security.mdwn index 9d7702dde..5cc35b338 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -256,3 +256,10 @@ seem to affect our use, since the data is not encoded as utf-8 at that point. #[378412](http://bugs.debian.org/378412) could affect us, although it doesn't seem very exploitable. It has a simple fix, and has been fixed in Debian unstable. + +## include loops + +Various directives that cause one page to be included into another could +be exploited to DOS the wiki, by causing a loop. Ikiwiki has always guarded +against this one way or another; the current solution should detect all +types of loops involving preprocessor directives.