Accepted:
OK: ktorrent_1.2-0ubuntu5.1.dsc
-> Component: main Section: net
OK: ktorrent_1.2-0ubuntu5.1.diff.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 11 Mar 2007 10:45:03 -0500
Source: ktorrent
Binary: ktorrent
Architecture: source
Version: 1.2-0ubuntu5.1
Distribution: dapper-security
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Richard A. Johnson <[EMAIL PROTECTED]>
Description:
ktorrent - BitTorrent client for KDE
Changes:
ktorrent (1.2-0ubuntu5.1) dapper-security; urgency=low
.
* SECURITY UPDATE: allows .. in file name which could cause
the user to overwrite files (if ran as root, system files).
DoS or heap corruption possible if idx is to small (negative)
or to large.
* Add 'debian/patches/kubuntu_02_security_fix.diff': backported
upstream fix
* References
http://websvn.kde.org/?view=rev&revision=640661
CVE-2007-1384 CVE-2007-1385
Files:
b33cc9609741465d1acfed4c3e86c87e 785 net optional ktorrent_1.2-0ubuntu5.1.dsc
79df81a2daf88ed095153f8b664f7da4 43785 net optional
ktorrent_1.2-0ubuntu5.1.diff.gz
Original-Maintainer: Joel Johnson <[EMAIL PROTECTED]>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFF9dK+H/9LqRcGPm0RAp4QAJwI1ebg2ULydTfqLtTI9J8qFDRemwCfQnBo
PT/HJHm1OYEXb9PpCSYcqyU=
=p9BD
-----END PGP SIGNATURE-----
--
dapper-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/dapper-changes
