CVE

diff --git a/debian/changelog b/debian/changelog
index ee8e7402772793da8d29ca2e9e6c2289df9d38d1..4dd47d2dd7b9ac1f7818bd8f924492ce1b86c450 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -43,7 +43,7 @@ ikiwiki (3.1415926) unstable; urgency=high
 
   [ Josh Triplett ]
   * teximg: Replace the insufficient blacklist with the built-in security
-    mechanisms of TeX.
+    mechanisms of TeX. (CVE-2009-2944)
 
  -- Joey Hess <joeyh@debian.org>  Sun, 30 Aug 2009 15:20:46 -0400
 

diff --git a/doc/news/version_3.1415926.mdwn b/doc/news/version_3.1415926.mdwn
index c914c83cd853a30024a8f6d8e77b21ef76b9d861..d31812c8e3da836655573e67dd4c7683fd1fc181 100644 (file)
--- a/doc/news/version_3.1415926.mdwn
+++ b/doc/news/version_3.1415926.mdwn
@@ -50,4 +50,4 @@ ikiwiki 3.1415926 released with [[!toggle text="these changes"]]
      larger in either dimension.
  * [ Josh Triplett ]
    * teximg: Replace the insufficient blacklist with the built-in security
-     mechanisms of TeX."""]]
\ No newline at end of file
+     mechanisms of TeX. ([[!cve CVE-2009-2944]])"""]]

diff --git a/doc/security.mdwn b/doc/security.mdwn
index 200ae29e22831abecec7dfbc2da9c1b07ab07bbf..3924186c2120c9371b1f55b648c4a760a0a5d6d3 100644 (file)
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -426,4 +426,4 @@ bypassed and used to read arbitrary files. This was fixed by
 enabling TeX configuration options that disallow unsafe TeX commands.
 The fix was released on 30 Aug 2009 in version 3.1415926, and was
 backported to stable in version 2.53.4. If you use the teximg plugin,
-I recommend upgrading.
+I recommend upgrading. ([[!cve CVE-2009-2944]])