Debian Security Advisory
DSA-3571-1 ikiwiki -- security update
- Date Reported:
- 08 May 2016
- Affected Packages:
- ikiwiki
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2016-4561.
- More information:
-
Simon McVittie discovered a cross-site scripting vulnerability in the error reporting of Ikiwiki, a wiki compiler. This update also hardens ikiwiki's use of imagemagick in the img plugin.
For the stable distribution (jessie), this problem has been fixed in version 3.20141016.3.
For the unstable distribution (sid), this problem has been fixed in version 3.20160506.
We recommend that you upgrade your ikiwiki packages.