* SECURITY UPDATE: Two security issues have been discovered in the DCC
protocol support code of kvirc, a KDE-based next generation IRC client,
which allow the overwriting of local files through directory traversal
and the execution of arbitrary code through a format string attack.
- kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
- Patch based on upstream SVN revision 4317.
- CVE-2010-2451, CVE-2010-2452:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
- LP: #601702
-- Andreas Wenning <email address hidden> Mon, 05 Jul 2010 00:41:51 +0200
This bug was fixed in the package kvirc - 4:4.0.0~ svn3240- 1ubuntu0. 1
--------------- 0~svn3240- 1ubuntu0. 1) karmic-security; urgency=low
kvirc (4:4.0.
* SECURITY UPDATE: Two security issues have been discovered in the DCC 01_CVE- 2010-2451_ CVE-2010- 2451_DCC_ fix.patch cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2010- 2451 cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2010- 2452
protocol support code of kvirc, a KDE-based next generation IRC client,
which allow the overwriting of local files through directory traversal
and the execution of arbitrary code through a format string attack.
- kubuntu_
- Patch based on upstream SVN revision 4317.
- CVE-2010-2451, CVE-2010-2452:
- http://
- http://
- LP: #601702
-- Andreas Wenning <email address hidden> Mon, 05 Jul 2010 00:41:51 +0200