Common Vulnerabilities and Exposures assigned an identifier CVE-2009-2944 to
the following vulnerability:
Reference: CONFIRM: http://ikiwiki.info/security/#index35h2
Reference: URL: http://www.securityfocus.com/bid/36181
Reference: URL: http://secunia.com/advisories/36516
Reference: URL: http://www.vupen.com/english/advisories/2009/2475
Incomplete blacklist vulnerability in the teximg plugin in ikiwiki
before 3.1415926 and 2.x before 2.53.4 allows context-dependent
attackers to read arbitrary files via crafted TeX commands.
This affects Fedora 11 and also Fedora 10 (I suspect the 2.72 version was a development snapshot of 3.x, as the latest 2.x on the site is 2.53.4 and I don't see a 2.72 version anywhere).
ikiwiki-3.1415926-1.fc11 has been submitted as an update for Fedora 11.
ikiwiki-2.72-2.fc10 has been submitted as an update for Fedora 10.
ikiwiki-2.72-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
ikiwiki-3.1415926-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.