* SECURITY UPDATE: file name directory traversal attack (LP: #578856).
- Add debian/patches/kubuntu_01_kget_CVE-2010-1000.diff
- kget/ui/metalinkcreator/metalinker.cpp check filename is valid
- kget/transfer-plugins/metalink/metalink.cpp if the dialog was not accepted untick every file, so that the download does not start
- CVE-2010-1000, SA39528
-- Jonathan Riddell <email address hidden> Tue, 11 May 2010 16:26:45 +0100
This bug was fixed in the package kdenetwork - 4:4.4.2-0ubuntu4.1
--------------- 2-0ubuntu4. 1) lucid-security; urgency=low
kdenetwork (4:4.4.
* SECURITY UPDATE: file name directory traversal attack (LP: #578856). patches/ kubuntu_ 01_kget_ CVE-2010- 1000.diff metalinkcreator /metalinker. cpp check filename is valid plugins/ metalink/ metalink. cpp if the dialog was not accepted untick every file, so that the download does not start
- Add debian/
- kget/ui/
- kget/transfer-
- CVE-2010-1000, SA39528
-- Jonathan Riddell <email address hidden> Tue, 11 May 2010 16:26:45 +0100