Ubuntu
kdenetwork package

  1. Bug #757526
  2. Comment #15

Comment 15 for bug 757526

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package kdenetwork - 4:4.4.5-0ubuntu1.1

---------------
kdenetwork (4:4.4.5-0ubuntu1.1) lucid-security; urgency=low

  * SECURITY UPDATE: file name directory traversal attack (LP: #757526)
    - Add debian/patches/kubuntu_06_kget_metalinker.diff: check if the
      filename is well formed, without traversal opportunities
    - CVE-2011-XXXX (an incomplete fix for CVE-2010-1000)
 -- Romain Perier <email address hidden> Wed, 13 Apr 2011 20:03:50 +0200