[Bug 757526] Re: Updated fix for CVE-2010-1000

Launchpad Bug Tracker 757526 at bugs.launchpad.net
Mon Apr 18 21:06:15 UTC 2011

This bug was fixed in the package kdenetwork - 4:4.5.1-0ubuntu2.2

kdenetwork (4:4.5.1-0ubuntu2.2) maverick-security; urgency=low

  * SECURITY UPDATE: file name directory traversal attack (LP: #757526)
    - Add debian/patches/kubuntu_06_kget_metalinker.diff: check if the
      filename is well formed, without traversal opportunities
    - CVE-2011-XXXX (incomplete fix for CVE-2010-1000)
 -- Romain Perier <romain.perier at gmail.com>   Wed, 13 Apr 2011 19:36:45 +0200

** Changed in: kdenetwork (Ubuntu Maverick)
       Status: Fix Committed => Fix Released

** Changed in: kdenetwork (Ubuntu Lucid)
       Status: Fix Committed => Fix Released

You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kdenetwork in Ubuntu.

  Updated fix for CVE-2010-1000

More information about the kubuntu-bugs mailing list