Ubuntu
amule package

Branches for Intrepid

Name		Status	Last Modified	Last Commit
lp:ubuntu/intrepid-security/amule		2 Mature	2009-07-08 20:52:20 UTC 2009-07-08	24. * SECURITY UPDATE: Incomplete escapin... Author: Andreas Moog Revision Date: 2009-07-08 02:36:12 UTC * SECURITY UPDATE: Incomplete escaping in filenames allows remote attackers to conduct argument injection attacks into a command via a crafted filename. (LP: #396807) - src/DownloadListCtrl.cpp sanitises the downloaded filenames but does not escape ticks in filenames correctly. - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078 - Patch by Sam Hocevar - CVE-2009-1440