----------------------------------------------------------------------

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.

Download and test it today:
https://psi.secunia.com/

Read more about this new version:
https://psi.secunia.com/?page=changelog

----------------------------------------------------------------------

TITLE:
Debian update for ikiwiki

SECUNIA ADVISORY ID:
SA29369

VERIFY ADVISORY:
http://secunia.com/advisories/29369/

CRITICAL:
Moderately critical

IMPACT:
Cross Site Scripting

WHERE:
>From remote

OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Debian has issued an update for ikiwiki. This fixes two
vulnerabilities, which can be exploited by malicious people to
conduct script insertion attacks.

For more information:
SA28911

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/i/ikiwiki/ikiwiki_1.33.4.dsc
Size/MD5 checksum: 1015 2e29116078a22cf014f69352c3060ca7
http://security.debian.org/pool/updates/main/i/ikiwiki/ikiwiki_1.33.4.tar.gz
Size/MD5 checksum: 227057 e9004c649fd2868f98db48f9d1a88cb5

Architecture independent packages:

http://security.debian.org/pool/updates/main/i/ikiwiki/ikiwiki_1.33.4_all.deb
Size/MD5 checksum: 273414 8b5e0688e39749041a501898528f5aa5

-- Debian GNU/Linux unstable alias sid --

Fixed in version 2.31.1.

ORIGINAL ADVISORY:
http://lists.debian.org/debian-security-announce/2008/msg00090.html

OTHER REFERENCES:
SA28911:
http://secunia.com/advisories/28911/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------