Package: ikiwiki Version: 1.33.5 Severity: grave Justification: renders package unusable
I had set up ikiwiki 1.33.3 on an up-to-date Debian Etch system and working _flawlessly_. It was setup to work under SSL all the time, with an SVN backend and using HTTP AUTH for logins. I made custom templates for it, that were also working fine. It has been used both by offline users working through SVN-commits, and by online users working through ikiwiki.cgi withouth problems. After updating to 1.33.5 following DSA-1553 the Edit page functionality has stopped working. I can get into the Edit Page page, make changes and Preview the page as many times as I want, but as soon as a Save is attempted, I get the "Your session has expired" page and no changes are saved. I changed editpage.tmpl and added the additional form field as suggested by the ikiwiki WiKi, namely <tmpl_var field-sid>. After that I checked the Edit page and the field is included in the appropiate FORM block and has a value resembling a session id; it did not work anyway. I changed /usr/share/perl5/IkiWiki/CGI.pm, line 615, so that the error message reported the values for $sid and $session->id and fount out they were DIFFERENT. They were DIFFERENT no matter what testing scenario I tried: different browsers, after clearing cookies, after clearing cached data, with or without a proxy, with or without SSL and with different users. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-m-bs Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages ikiwiki depends on: ii gcc [c-compiler] 4:4.1.1-15 The GNU C compiler ii gcc-4.1 [c-compiler] 4.1.1-21 The GNU C compiler ii libc6-dev [libc-dev] 2.3.6.ds1-13etch5 GNU C Library: Development Librari ii libcgi-formbuilder-per 3.03.01-1 Easily generate and process statef ii libcgi-session-perl 4.14-1 Persistent session data in CGI app ii libhtml-parser-perl 3.55-1 A collection of modules that parse ii libhtml-scrubber-perl 0.08-3 Perl extension for scrubbing/sanit ii libhtml-template-perl 2.8-1 HTML::Template : A module for usin ii libmail-sendmail-perl 0.79-4 Send email from a perl script ii libtime-duration-perl 1.02-1 Time::Duration -- rounded or exact ii libtimedate-perl 1.1600-5 Time and date functions for Perl ii liburi-perl 1.35-2 Manipulates and accesses URI strin ii libxml-simple-perl 2.14-5 Perl module for reading and writin ii markdown 1.0.1-3 Text-to-HTML conversion tool ii perl 5.8.8-7etch3 Larry Wall's Practical Extraction Versions of packages ikiwiki recommends: ii hyperestraier 1.4.9-1.1 a full-text search system for comm ii subversion 1.4.2dfsg1-2 Advanced version control system -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
