Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 526
Alerts This Week
Warning Icon 1 526

Debian: DSA-3760-1 Critical: Ikiwiki Multiple Security Flaws

debian
Calendar Grey January 12, 2017
Scroller Debian
Several vulnerabilities identified in Ikiwiki wiki generator; users on Debian are advised to update.
Multiple vulnerabilities have been found in the Ikiwiki wiki compiler: CVE-2016-9646

Summary

Multiple vulnerabilities have been found in the Ikiwiki wiki compiler:

CVE-2016-9646

Commit metadata forgery via CGI::FormBuilder context-dependent APIs

CVE-2016-10026

Editing restriction bypass for git revert

CVE-2017-0356

Authentication bypass via repeated parameters
Additional details on these vulnerabilities can be found at
https://ikiwiki.info/security/

For the stable distribution (jessie), these problems have been fixed in
version 3.20141016.4.

For the unstable distribution (sid), these problems have been fixed in
version 3.20170111.

We recommend that you upgrade your ikiwiki packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: ikiwiki
CVE ID: CVE-2016-9646 CVE-2016-10026 CVE-2017-0356

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.