KTorrent security issue with releases <2.1.2 (Breezy - Feisty)
Bug #91174 reported by
Rich Johnson
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Dapper Backports |
Fix Released
|
Undecided
|
Unassigned | ||
| Edgy Backports |
Fix Released
|
Undecided
|
Unassigned | ||
| ktorrent (Ubuntu) |
Fix Released
|
Medium
|
Kees Cook | ||
| Breezy |
Fix Released
|
Medium
|
Kees Cook | ||
| Dapper |
Fix Released
|
Medium
|
Kees Cook | ||
| Edgy |
Fix Released
|
Medium
|
Kees Cook | ||
| Feisty |
Fix Released
|
Medium
|
Kees Cook | ||
Bug Description
Binary package hint: ktorrent
binary hint: ktorrent
KDE Mailing List Announcement:
http://
KDE SVN Revision Comments
http://
This issue affects all releases prior to the latest 2.1.2 release (from Breezy to Feisty).
Issues related to the possibility of a DoS or heap corruption by allowing idx to either be to small (negative) or to large (chunkcounter.cpp). The other issue is allowing .. in the file names (torrent.cpp). If ran with the regular user damage could be caused by overwriting user config files or directories. If ran as root, it could overwrite system files.
| Changed in ktorrent: | |
| status: | Fix Committed → Fix Released |
| status: | Fix Committed → Fix Released |
| status: | Fix Committed → Fix Released |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.

91172 in progress. accidental double posting?