Debian Security Advisory 1324-1 - Kazuhiro Nishiyama found a vulnerability in hiki, a Wiki engine written in Ruby, which could allow a remote attacker to delete arbitrary files which are writable to the Hiki user, via a specially crafted session parameter.
f17582b8f0d537ca8da6bb3338895c86ea22179b5ead8e9f84ba02c3e6ac005f