[SECURITY] [DLA 812-1] ikiwiki security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : ikiwiki
Version : 3.20120629.2+deb7u2
CVE ID : CVE-2016-9646 CVE-2016-10026 CVE-2017-0356
Several vulnerabilities have been found in ikiwiki, a wiki compiler:
CVE-2016-9646
Commit metadata forgery
CVE-2016-10026
Authorization bypass when reverting changes
CVE-2017-0356
Authentication bypass via repeated parameters
For Debian 7 "Wheezy", these problems have been fixed in version
3.20120629.2+deb7u2.
We recommend that you upgrade your ikiwiki packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAliQ834ACgkQnUbEiOQ2
gwIoeRAAxEo7VM/VfbH88o89gI42UpqnpC7m4/p83bpPP3WTbW5KwBemJ8IRfn/i
QesVtU0f8qJFtNeouTqDQTKb23g28PZGfAfNTinYb0jOJRouk8PS/D17YSxal4LL
scfb9X8GgScDQ+vZ/QyfvFa4f7Xwbz0Uo4btiUtw8v1WrcbmRjuV1ISWRu3sGzmJ
CTzVGa0Y8Rq0yGgDBzw+jzF0DAKEXVBx1Ccmr6fTkM6x6EbVK5phdSo4Fe1uZGc+
2s6nfTrseKP89n8TlXkcTKXGoOrGz8aZ9NBENEf9BxGzXLFcVmGJ0m6iDdQ6zUwl
n/guav6cYB0ElFMtfGOJyf/A01pesWMAggvzb0mg79L/acWNhZjP6f3GbCJr+xkt
xZPz+GBEsytyAkJ2RowyDd/aZlhy23DAFwf1BaKmayYxnWeuaymF5uY7zvEvRlBc
RB53CKMnfivdfR2b/i7GuICEeDQy0sG73GggWdFvHPAkX1p4c3SimNHqlg2xXvWO
tJk3eNJGeUG5kkbNDYOxbn5vZazkKvRGbtHJ6Xbd6tnE5HWtAU1IUiRHNbIsLNwc
vrs5SUE1AOFjo9mOgUrEu+pPnwUDeIso+j+OT7slRfIzTdVmRqNCL6vuwoMvbFMX
SCjeKj/H6QRthAw+hfex2+pw30dMXYkR3ACDc0krs1lDNowILs0=
=0A0c
-----END PGP SIGNATURE-----
Reply to: