Comment 2 for bug 428183

For Intrepid, we can probably pull this from Lenny:

 libtorrent-rasterbar (0.13.1-2+lenny1) stable-security; urgency=high

   * debian/control:
     - change my email address so this upload doesn't appear as a NMU.
     - build-depends on quilt patch system.
   * debian/patches/fix_CVE_2009_1760.patch: fixes torrent file path
     vulnerability, backported from upstream svn (CVE-2009-1760).

 -- Cristian Greco <email address hidden> Thu, 04 Jun 2009 03:05:08 +0200

Here's a direct link to the patch from Lenny:

http://patch-tracker.debian.org/patch/series/dl/libtorrent-rasterbar/0.13.1-2+lenny1/fix_CVE_2009_1760.patch

This seems to be the upstream svn commit:

http://libtorrent.svn.sourceforge.net/viewvc/libtorrent?view=rev&revision=3580