Debian Security Advisory

DSA-3571-1 ikiwiki -- security update

Date Reported:
08 May 2016
Affected Packages:
ikiwiki
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2016-4561.
More information:

Simon McVittie discovered a cross-site scripting vulnerability in the error reporting of Ikiwiki, a wiki compiler. This update also hardens ikiwiki's use of imagemagick in the img plugin.

For the stable distribution (jessie), this problem has been fixed in version 3.20141016.3.

For the unstable distribution (sid), this problem has been fixed in version 3.20160506.

We recommend that you upgrade your ikiwiki packages.