Comment 7 for bug 601702

This bug was fixed in the package kvirc - 4:4.0.0~svn3039-0ubuntu2.1

---------------
kvirc (4:4.0.0~svn3039-0ubuntu2.1) jaunty-security; urgency=low

  * SECURITY UPDATE: Two security issues have been discovered in the DCC
    protocol support code of kvirc, a KDE-based next generation IRC client,
    which allow the overwriting of local files through directory traversal
    and the execution of arbitrary code through a format string attack.
    - kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
      - Patch based on upstream SVN revision 4317.
    - CVE-2010-2451, CVE-2010-2452:
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
    - LP: #601702
 -- Andreas Wenning <email address hidden> Mon, 05 Jul 2010 00:45:44 +0200