lp:ubuntu/gutsy-updates/ktorrent
- Get this branch:
- bzr branch lp:ubuntu/gutsy-updates/ktorrent
Branch merges
Branch information
Recent revisions
- 38. By Marc Deslauriers
-
* SECURITY UPDATE: access restrictions bypass in torrent upload feature
of web interface plugin
- debian/patches/ 11_SECURITY_ CVE-2008- 5905.patch: redirect to login page if
session is not valid in plugins/webinterface/ httpserver. cpp.
- CVE-2008-5905
* SECURITY UPDATE: arbitrary php code execution in web interface plugin
- debian/patches/ 12_SECURITY_ CVE-2008- 5906.patch: check for string
delimiters with a new containsDelimiters() function in
plugins/webinterface/ php_handler. {cpp,h} .
- CVE-2008-5906 - 29. By Rich Johnson
-
* SECURITY UPDATE: allows .. in file name which could cause
the user to overwrite files (if ran as root, system files).
DoS or heap corruption possible if idx is to small (negative)
or to large.
* Add 'debian/patches/ kubuntu_ 01_security_ fix.diff' : backported
upstream fix
* References
http://websvn. kde.org/ ?view=rev& revision= 640661
CVE-2007-1384 CVE-2007-1385
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/ktorrent