From edc9ffcb6518c4a21d6256023670492089244c84 Mon Sep 17 00:00:00 2001
From: Parker Moore
Date: Mon, 13 Jan 2014 22:26:38 -0800
Subject: [PATCH 1/4] Add 1.4.3 release post by @BenBalter for master branch.
---
 .../2014-01-13-jekyll-1-4-3-released.markdown | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 site/_posts/2014-01-13-jekyll-1-4-3-released.markdown
diff --git a/site/_posts/2014-01-13-jekyll-1-4-3-released.markdown b/site/_posts/2014-01-13-jekyll-1-4-3-released.markdown
new file mode 100644
index 00000000..a97bcec4
--- /dev/null
+++ b/site/_posts/2014-01-13-jekyll-1-4-3-released.markdown
@@ -0,0 +1,26 @@
+---
+layout: news_item
+title: 'Jekyll 1.4.3 Released'
+date: 2014-01-13 17:43:32 -0800
+author: benbalter
+version: 1.4.3
+categories: [release]
+---
+
+Jekyll 1.4.3 contains two **critical** security fixes. If you run Jekyll locally
+and do not run Jekyll in "safe" mode (e.g. you do not build Jekyll sites on behalf
+of others), you are not affected and are not required to update at this time.
+([See pull request.]({{ site.repository }}/pull/1944))
+
+Versions of Jekyll prior to 1.4.3 and greater than 1.2.0 may allow malicious
+users to expose the content of files outside the source directory in the
+generated output via improper symlink sanitization, potentially resulting in an
+inadvertent information disclosure.
+
+Versions of Jekyll prior to 1.4.3 may also allow malicious users to write
+arbitrary `.html` files outside of the destination folder via relative path
+traversal, potentially overwriting otherwise-trusted content with arbitrary HTML
+or Javascript depending on your server's configuration.
+
+*Maintainer's note: Many thanks to @gregose and @charliesome for discovering
+these vulnerabilities, and to @BenBalter and @alindeman for writing the patch.*
From e87cd8d53ce979861070af11345e21d7f121e6f1 Mon Sep 17 00:00:00 2001
From: Parker Moore Date: Mon, 13 Jan 2014 22:27:41 -0800 Subject: [PATCH 2/4] Update History.markdown with 1.4.3 release. --- History.markdown | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/History.markdown b/History.markdown index 9145f044..26df264c 100644 --- a/History.markdown +++ b/History.markdown @@ -75,6 +75,11 @@ * Linkify 'awesome contributors' to point to the contributors graph on GitHub (#1940) +## 1.4.3 / 2014-01-13 + +### Bug Fixes + * Patch show-stopping security vulnerabilities (#1944) + ## 1.4.2 / 2013-12-16 ### Bug Fixes From 245597c2dbe0efb5f72c11b14fdc96c3fa5d4b5a Mon Sep 17 00:00:00 2001 From: Parker Moore Date: Mon, 13 Jan 2014 22:28:16 -0800 Subject: [PATCH 3/4] Require Liquid 2.5.5 <= x < 2.6 --- jekyll.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jekyll.gemspec b/jekyll.gemspec index 1608ce76..7fe6c10d 100644 --- a/jekyll.gemspec +++ b/jekyll.gemspec @@ -24,7 +24,7 @@ Gem::Specification.new do |s| s.rdoc_options = ["--charset=UTF-8"] s.extra_rdoc_files = %w[README.markdown LICENSE] - s.add_runtime_dependency('liquid', "~> 2.5.2") + s.add_runtime_dependency('liquid', "~> 2.5.5") s.add_runtime_dependency('classifier', "~> 1.3") s.add_runtime_dependency('listen', "~> 1.3") s.add_runtime_dependency('maruku', "~> 0.7.0") From 45c0523e553e9fb270746175a5cf5fea009f9a78 Mon Sep 17 00:00:00 2001 From: Parker Moore Date: Tue, 14 Jan 2014 08:43:29 -0800 Subject: [PATCH 4/4] update dat gemspec --- jekyll.gemspec | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/jekyll.gemspec b/jekyll.gemspec index 7fe6c10d..e3d74185 100644 --- a/jekyll.gemspec +++ b/jekyll.gemspec @@ -128,6 +128,8 @@ Gem::Specification.new do |s| lib/site_template/css/syntax.css lib/site_template/index.html script/bootstrap + script/branding + script/cibuild site/.gitignore site/CNAME site/README 
@@ -167,6 +169,9 @@ Gem::Specification.new do |s|
 site/_posts/2013-11-04-jekyll-1-3-0-released.markdown
 site/_posts/2013-11-26-jekyll-1-3-1-released.markdown
 site/_posts/2013-12-07-jekyll-1-4-0-released.markdown
+ site/_posts/2013-12-09-jekyll-1-4-1-released.markdown
+ site/_posts/2013-12-16-jekyll-1-4-2-released.markdown
+ site/_posts/2014-01-13-jekyll-1-4-3-released.markdown
 site/css/screen.css
 site/docs/configuration.md
 site/docs/contributing.md
@@ -195,6 +200,7 @@ Gem::Specification.new do |s|
 site/docs/upgrading.md
 site/docs/usage.md
 site/docs/variables.md
+ site/docs/windows.md
 site/favicon.png
 site/feed.xml
 site/freenode.txt
@@ -221,6 +227,7 @@ Gem::Specification.new do |s|
 test/source/_data/languages.yml
 test/source/_data/members.yaml
 test/source/_data/products.yml
+ test/source/_includes/include.html
 test/source/_includes/params.html
 test/source/_includes/sig.markdown
 test/source/_layouts/default.html
@@ -260,6 +267,8 @@ Gem::Specification.new do |s|
 test/source/_posts/2013-05-10-number-category.textile
 test/source/_posts/2013-07-22-post-excerpt-with-layout.markdown
 test/source/_posts/2013-08-01-mkdn-extension.mkdn
+ test/source/_posts/2013-12-17-include-variable-filters.markdown
+ test/source/_posts/2013-12-20-properties.text
 test/source/_posts/es/2008-11-21-nested.textile
 test/source/about.html
 test/source/category/_posts/2008-9-23-categories.textile
@@ -271,6 +280,7 @@ Gem::Specification.new do |s|
 test/source/foo/_posts/bar/2008-12-12-topical-post.textile
 test/source/index.html
 test/source/products.yml
+ test/source/properties.html
 test/source/sitemap.xml
 test/source/symlink-test/_data
 test/source/symlink-test/symlinked-dir