Ubuntu
amule package

Branches for Jaunty

Name		Status	Last Modified	Last Commit
lp:ubuntu/jaunty-security/amule		2 Mature	2009-07-08 20:52:19 UTC 2009-07-08	28. * SECURITY UPDATE: Incomplete escapin... Author: Andreas Moog Revision Date: 2009-07-08 01:59:01 UTC * SECURITY UPDATE: Incomplete escaping in filenames allows remote attackers to conduct argument injection attacks into a command via a crafted filename. (LP: #396807) - src/DownloadListCtrl.cpp sanitises the downloaded filenames but does not escape ticks in filenames correctly. - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078 - Patch by Sam Hocevar - CVE-2009-1440