[ubuntu/jaunty-security] transmission_1.51-0ubuntu3.1_amd64_translations.tar.gz, transmission, transmission_1.51-0ubuntu3.1_armel_translations.tar.gz, transmission_1.51-0ubuntu3.1_i386_translations.tar.gz, transmission_1.51-0ubuntu3.1_hppa_translations.tar.gz, transmission_1.51-0ubuntu3.1_sparc_translations.tar.gz (delayed), transmission_1.51-0ubuntu3.1_ia64_translations.tar.gz, transmission_1.51-0ubuntu3.1_powerpc_translations.tar.gz, transmission_1.51-0ubuntu3.1_lpia_translations.tar.gz 1.51-0ubuntu3.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Thu Jan 14 18:04:29 GMT 2010 

transmission (1.51-0ubuntu3.1) jaunty-security; urgency=low

  * SECURITY UPDATE: fix CSRF for Web Client users
    - debian/patches/CVE-2009-1757.patch: add X-Transmission-Session-Id header
      in the RPC server
    - CVE-2009-1757
  * SECURITY UPDATE: fix arbitrary file overwrite via crafted torrent file
    - debian/patches/CVE-2010-0012.patch: adjust metainfo.c to check for '../'
    - CVE-2010-0012

Date: Thu, 07 Jan 2010 13:24:46 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/transmission/1.51-0ubuntu3.1
-------------- next part --------------
Format: 1.8
Date: Thu, 07 Jan 2010 13:24:46 -0600
Source: transmission
Binary: transmission transmission-common transmission-cli transmission-gtk transmission-daemon
Architecture: source
Version: 1.51-0ubuntu3.1
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 transmission - lightweight BitTorrent client
 transmission-cli - lightweight BitTorrent client (command line interface)
 transmission-common - lightweight BitTorrent client (common files)
 transmission-daemon - lightweight BitTorrent client (daemon)
 transmission-gtk - lightweight BitTorrent client (graphical interface)
Changes: 
 transmission (1.51-0ubuntu3.1) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: fix CSRF for Web Client users
     - debian/patches/CVE-2009-1757.patch: add X-Transmission-Session-Id header
       in the RPC server
     - CVE-2009-1757
   * SECURITY UPDATE: fix arbitrary file overwrite via crafted torrent file
     - debian/patches/CVE-2010-0012.patch: adjust metainfo.c to check for '../'
     - CVE-2010-0012
Checksums-Sha1: 
 ac77f16e66a8044f51d9de334367629685374983 1598 transmission_1.51-0ubuntu3.1.dsc
 fcbcf76598a2489d01919ac2e57d0a2bb0609d34 24490 transmission_1.51-0ubuntu3.1.diff.gz
Checksums-Sha256: 
 f1cb857d1a37feae71cbd3716ac055eec8761cfcd3c57679364e24633613b16e 1598 transmission_1.51-0ubuntu3.1.dsc
 537ac15411411351cc551bec205b5850e3052ed7935f6e18008e3881a1827835 24490 transmission_1.51-0ubuntu3.1.diff.gz
Files: 
 f693615ed24d4f4e5b8886325e0d123d 1598 net optional transmission_1.51-0ubuntu3.1.dsc
 0baa3ef499573c1e89cce6d6cb848328 24490 net optional transmission_1.51-0ubuntu3.1.diff.gz
Original-Maintainer: Leo Costela <costela at debian.org>

More information about the Jaunty-changes mailing list