Subject: CVS commit: pkgsrc/www/ikiwiki
From: Amitai Schleier
Date: 2017-01-12 01:44:15
Message id: 20170112004416.015FEFBA6@cvs.NetBSD.org

Log Message:
Update to 3.20170111. From the changelog:

* passwordauth: prevent authentication bypass via multiple name
  parameters (CVE-2017-0356, OVE-20170111-0001)
* passwordauth: avoid userinfo forgery via repeated email parameter
  (also in the scope of CVE-2017-0356)
* CGI, attachment, passwordauth: harden against repeated parameters
  (not believed to have been a vulnerability)
* remove: make it clearer that repeated page parameter is OK here
* t/passwordauth.t: new automated test for passwordauth

Files:
RevisionActionfile
1.148modifypkgsrc/www/ikiwiki/Makefile
1.120modifypkgsrc/www/ikiwiki/distinfo