Security Information / 2016 / Security Information -- DSA-3571-1 ikiwiki

Debian Security Advisory

DSA-3571-1 ikiwiki -- security update

Date Reported:

08 May 2016

Affected Packages:

ikiwiki

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-4561.

More information:

Simon McVittie discovered a cross-site scripting vulnerability in the error reporting of Ikiwiki, a wiki compiler. This update also hardens ikiwiki's use of imagemagick in the img plugin.

For the stable distribution (jessie), this problem has been fixed in version 3.20141016.3.

For the unstable distribution (sid), this problem has been fixed in version 3.20160506.

We recommend that you upgrade your ikiwiki packages.