Intrigeri

**Name of the Vulnerable Software and Affected Versions** ikiwiki versions prior to 3.20161229 git versions prior to 2.8.0 **Description** The issue concerns an incomplete fix for ikiwiki, resulting in an editing restriction bypass for git revert. This occurs when using git versions older than 2.8.0. **Recommendations** For ikiwiki versions prior to 3.20161229, update to version 3.20161229 or later. For git versions prior to 2.8.0, update to version 2.8.0 or later.

**Name of the Vulnerable Software and Affected Versions** ikiwiki version 3.20161219 **Description** The issue arises from inadequate checking of revision changes to access permissions for a page on sites utilizing the git and recentchanges plugins with the CGI interface enabled. This allows remote attackers to revert specific changes by exploiting permissions to modify the page before the revision was made. **Recommendations** For ikiwiki version 3.20161219, consider disabling the CGI interface or restricting access to the git and recentchanges plugins as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** pidgin-otr versions prior to 3.2.1 **Description** The issue is related to a format string vulnerability in the log message cb function in otr-plugin.c. This vulnerability might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message. The vulnerability can be exploited remotely and may lead to a breach of confidentiality, integrity, and availability of protected information. **Recommendations** For versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue. As a temporary workaround, consider disabling the log message cb function until a patch is available. Restrict access to the otr-plugin.c module to minimize the risk of exploitation. Avoid using format string specifiers in data that generates a log message until the issue is resolved.