From 8f788fa1e1489c27959f161ed46f96ddf009d0ee Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kodama.kitenet.net>
Date: Sun, 10 Feb 2008 18:39:42 -0500
Subject: [PATCH] update changelog after cherry-picking all relevent fixes

---
 debian/changelog | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 7dd7a2a29..d2dbe592d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,11 @@
 ikiwiki (1.33.4) stable-security; urgency=high
 
   * htmlscrubber security fix: Block javascript in uris. Closes: #465110
+  * meta: Check that the urls provided for authorurl, permalink, and openid
+    are safe and can't contain javascript.
   * Add htmlscrubber test suite.
+  * Thanks to Josh Triplett for pointing out the holes and for his help
+    in implementing and checking fixes.
 
  -- Joey Hess <joeyh@debian.org>  Sun, 10 Feb 2008 13:34:28 -0500
 
-- 
2.26.2