Hi, On Wed, Oct 05, 2011 at 11:56:14AM +0200, Tanguy Ortolo wrote: > My last update of dokuwiki/lenny, which fixed a security flaw and was > released with Lenny 5.0.9, unfortunately introduced a quite important > regression, breaking any wiki page containing external links. I should > have detected it, but it appears that I did not test external links (and > I really should have done so, since the security fix was about external > links).
as the security team is pushing more and more fixes towards (o-)p-u, and as this was originally a security fix, I'd like to ask the Security Team for a curtesy: as we do not have -updates for lenny, can you please issue a DSA with the regression fix? > It is described in the bug report #644145, which Julien Cristau has > already identified as affecting this point release. I have corrected > this regression in a new version [1] which has been tested by myself and > at least two users. This version modifies the previous one's security > patch by replacing calls to an undefined function that was introduced in > a later version. > > [1] > http://tanguy.ortolo.eu/deb/dokuwiki/dokuwiki_0.0.20080505-4+lenny4.dsc > > For those affected, the bug report already gives a pointer to this > updated version. Do you think it can be added to a possible next point > release? Thanks Philipp Kern
signature.asc
Description: Digital signature
