[Bug 428183] Re: Directory traversal vulnerability
Andrew Starr-Bochicchio
a.starr.b at gmail.com
Sat Sep 12 03:34:12 UTC 2009
For Intrepid, we can probably pull this from Lenny:
libtorrent-rasterbar (0.13.1-2+lenny1) stable-security; urgency=high
* debian/control:
- change my email address so this upload doesn't appear as a NMU.
- build-depends on quilt patch system.
* debian/patches/fix_CVE_2009_1760.patch: fixes torrent file path
vulnerability, backported from upstream svn (CVE-2009-1760).
-- Cristian Greco <cristian.debian at gmail.com> Thu, 04 Jun 2009
03:05:08 +0200
Here's a direct link to the patch from Lenny:
http://patch-tracker.debian.org/patch/series/dl/libtorrent-
rasterbar/0.13.1-2+lenny1/fix_CVE_2009_1760.patch
This seems to be the upstream svn commit:
http://libtorrent.svn.sourceforge.net/viewvc/libtorrent?view=rev&revision=3580
** Changed in: libtorrent-rasterbar (Ubuntu Jaunty)
Status: New => Won't Fix
** Changed in: libtorrent-rasterbar (Ubuntu Jaunty)
Status: Won't Fix => New
--
Directory traversal vulnerability
https://bugs.launchpad.net/bugs/428183
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list