Debian Security Advisory

DLA-463-1 ikiwiki -- LTS security update

Date Reported:

09 May 2016

Affected Packages:

ikiwiki

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-4561.

More information:

Simon McVittie discovered a cross-site scripting vulnerability in the error reporting of Ikiwiki, a wiki compiler. This update also hardens ikiwiki's use of imagemagick in the img plugin.

For Debian 7 Wheezy, this problem has been fixed in version 3.20120629.2+deb7u1.

We recommend that you upgrade your ikiwiki packages.