projects
/
ikiwiki.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
2f0d94c
)
update
author
joey
<joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>
Fri, 18 Aug 2006 06:22:38 +0000
(06:22 +0000)
committer
joey
<joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>
Fri, 18 Aug 2006 06:22:38 +0000
(06:22 +0000)
doc/security.mdwn
patch
|
blob
|
history
diff --git
a/doc/security.mdwn
b/doc/security.mdwn
index 65ebfd7b2421a2e1477c5f542cd64acc9b667fe4..f3567d1558c5c2993571b5dc5a4eb0b9d33d2a46 100644
(file)
--- a/
doc/security.mdwn
+++ b/
doc/security.mdwn
@@
-242,7
+242,7
@@
ikiwiki escapes any html in svn commit logs to prevent other mischief.
## XML::Parser
XML::Parser is used by the aggregation plugin, and has some security holes.
-#[378411](http://bugs.debian.org/378411) does not
+
Bug
#[378411](http://bugs.debian.org/378411) does not
seem to affect our use, since the data is not encoded as utf-8 at that
point. #[378412](http://bugs.debian.org/378412) could affect us, although it
doesn't seem very exploitable. It has a simple fix, and has been fixed in