Alexander Wirt uploaded a new package for ikiwiki which fixes the following security problem:
DSA-DSA-1875 Josh Triplett discovered that the blacklist for potentially harmful TeX code of the teximg module of the Ikiwiki wiki compiler was incomplete, resulting in information disclosure. For the lenny-backports distribution the problems have been fixed in version 3.1415926~bpo50+1. The old stable distribution (etch) is not affected. For the stable distribution (lenny), this problem has been fixed in version 2.53.4. For the unstable distribution (sid), this problem has been fixed in version 3.1415926. This bug will not be fixed for etch-backports we recommend to disable the teximg plugin there or upgrade to lenny(-backports). Upgrade instructions -------------------- If you don't use pinning (http://backports.org/dokuwiki/doku.php?id=instructions) you have to update the package manually via apt-get -t lenny-backports install ikiwiki. We recommend to pin the backports repository to 200 so that new versions of installed backports will be installed automatically. Package: * Pin: release a=lenny-backports Pin-Priority: 200 -- Alexander Wirt, [email protected] CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A _______________________________________________ Backports-security-announce mailing list [email protected] http://lists.backports.org/mailman/listinfo/backports-security-announce
