This bug was fixed in the package kdenetwork - 4:4.4.5-0ubuntu1.1
---------------
kdenetwork (4:4.4.5-0ubuntu1.1) lucid-security; urgency=low
* SECURITY UPDATE: file name directory traversal attack (LP: #757526)
- Add debian/patches/kubuntu_06_kget_metalinker.diff: check if the
filename is well formed, without traversal opportunities
- CVE-2011-XXXX (an incomplete fix for CVE-2010-1000)
-- Romain Perier <[email protected]> Wed, 13 Apr 2011 20:03:50 +0200
** Changed in: kdenetwork (Ubuntu Karmic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kdenetwork in Ubuntu.
https://bugs.launchpad.net/bugs/757526
Title:
Updated fix for CVE-2010-1000
--
kubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
