[SECURITY] Fedora 10 Update: ikiwiki-2.72-2.fc10

updates at fedoraproject.org updates at fedoraproject.org
Fri Sep 11 23:26:00 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-9254
2009-09-03 00:10:38
--------------------------------------------------------------------------------

Name        : ikiwiki
Product     : Fedora 10
Version     : 2.72
Release     : 2.fc10
URL         : http://ikiwiki.info/
Summary     : A wiki compiler
Description :
Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages
suitable for publishing on a website. Ikiwiki stores pages and history
in a revision control system such as Subversion or Git. There are many
other features, including support for blogging, as well as a large
array of plugins.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2009-2944, see bz 520543.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  2 2009 Thomas Moschny <thomas.moschny at gmx.de> - 2.72-2
- Add patch for teximg plugin: Make TeX handle preventing unsafe
  things; remove insufficient blacklist (fixes CVE-2009-2944, see
  bz 520543).
* Fri Jan  2 2009 Thomas Moschny <thomas.moschny at gmx.de> - 2.72-1
- Update to 2.72.
- Patch for mtn plugin has been applied upstream.
- Encoding of ikiwiki.vim has been changed to utf-8 upstream.
- Use new W3M_CGI_BIN option in %install.
* Tue Dec 16 2008 Thomas Moschny <thomas.moschny at gmx.de> - 2.70-3
- Patch for monotone plugin: Prevent broken pipe message.
- Cosmetic changes to satisfy rpmlint.
* Mon Dec  1 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm at gmail.com> - 2.70-2
- Rebuild for Python 2.6
* Thu Nov 20 2008 Thomas Moschny <thomas.moschny at gmx.de> - 2.70-1
- Update to 2.70.
- Install and enable the external rst plugin.
- Stop filtering perl(RPC::XML*) requires.
* Fri Oct 10 2008 Thomas Moschny <thomas.moschny at gmx.de> - 2.66-1
- Update to 2.66.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #520543 - CVE-2009-2944 ikiwiki: arbitrary file read via crafted TeX commands
        https://bugzilla.redhat.com/show_bug.cgi?id=520543
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ikiwiki' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the package-announce mailing list