[Bug 428183] Re: Directory traversal vulnerability

Andrew Starr-Bochicchio Fri, 11 Sep 2009 20:40:36 -0700

For Intrepid, we can probably pull this from Lenny:

 libtorrent-rasterbar  (0.13.1-2+lenny1) stable-security; urgency=high


   * debian/control:
     - change my email address so this upload doesn't appear as a NMU.
     - build-depends on quilt patch system.
   * debian/patches/fix_CVE_2009_1760.patch: fixes torrent file path
     vulnerability, backported from upstream svn (CVE-2009-1760).

 -- Cristian Greco <cristian.deb...@gmail.com>  Thu, 04 Jun 2009
03:05:08 +0200

Here's a direct link to the patch from Lenny:

http://patch-tracker.debian.org/patch/series/dl/libtorrent-
rasterbar/0.13.1-2+lenny1/fix_CVE_2009_1760.patch

This seems to be the upstream svn commit:

http://libtorrent.svn.sourceforge.net/viewvc/libtorrent?view=rev&revision=3580

** Changed in: libtorrent-rasterbar (Ubuntu Jaunty)
       Status: New => Won't Fix

** Changed in: libtorrent-rasterbar (Ubuntu Jaunty)
       Status: Won't Fix => New

-- 
Directory traversal vulnerability
https://bugs.launchpad.net/bugs/428183
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 428183] Re: Directory traversal vulnerability

Reply via email to