| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| use_packaged_simplepie.diff | Use packaged version of SimplePie instead of an embedded one =================================================================== |
Mohammed Adnne Trojette <adn+deb@diwi.org> | not-needed | 2011-01-02 | ||
| use_packaged_php-geshi_SA32559.diff | Use packaged version of GeSHi instead of an embedded one =================================================================== |
Mohammed Adnne Trojette <adn+deb@diwi.org> | not-needed | debian | 2012-01-02 | |
| use_packaged_php-seclib.diff | Use the packaged version of php-seclib instead of the embedded one | Tanguy Ortolo <tanguy+debian@ortolo.eu> | not-needed | 2014-01-04 | ||
| debianize.diff | Add a custom look and configure properly for Debian use * Debian look: add Debian to the default wiki title, and add a Debian info button. * Configuration: change the data directory and disable update check which is not relevant. * Installation script: add the custom configuration file checksum. |
Tanguy Ortolo <tanguy+debian@ortolo.eu> | not-needed | 2013-01-21 | ||
| use_packaged_jquery.diff | Use packaged version of jQuery instead of an embedded one =================================================================== |
Tanguy Ortolo <tanguy+debian@ortolo.eu> | not-needed | 2012-01-02 | ||
| cherrypick_ba76f875_fix_xss_in_rss_syntax.patch | [PATCH] fix XSS in RSS syntax The title was not correctly escaped when written to the doc in xhtml renderer. SimplePie does no content escaping on its own (a comment in the code seems to suggest that that was assumed). Instead the content is passed on as-is from the feed. This patch also applies some more escaping on the description output (though it should have been relatively safe thanks to the use of striptags). This was discovered by @ry0tak and reported in https://huntr.dev/bounties/c6119106-1a5c-464c-94dd-ee7c5d0bece0/ |
Andreas Gohr <andi@splitbrain.org> | no | 2023-05-15 | ||
| cherrypick_b7fcf218_hotfix_release_for_igor.patch | [PATCH] hotfix release a for Igor | Guy Brand <gb@unistra.fr> | no | 2023-05-16 |