Ubuntu
kdenetwork package

  1. Bug #578856
  2. Comment #28

Comment 28 for bug 578856

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package kdenetwork - 4:4.2.2-0ubuntu2.3

---------------
kdenetwork (4:4.2.2-0ubuntu2.3) jaunty-security; urgency=low

  * SECURITY UPDATE: file name directory traversal attack (LP: #578856).
   - Add debian/patches/kubuntu_01_kget_CVE-2010-1000.diff
   - kget/ui/metalinkcreator/metalinker.cpp check filename is valid
   - CVE-2010-1000, SA39528
 -- Jonathan Riddell <email address hidden> Wed, 12 May 2010 10:25:53 +0100