kvirc 2:3.2.4-5ubuntu1.1 source package in Ubuntu
Changelog
kvirc (2:3.2.4-5ubuntu1.1) feisty-security; urgency=low * SECURITY UPDATE: parseIrcUrl() do not properly sanitize parts of the URI when building the command for KVIrc's internet script system. This can be exploited to inject and execute commands for the KVIrc script system (including the "run" command, which can be leveraged to execute shell commands) by e.g. tricking a user into opening a specially crafted "irc://" or similar URI. * Add debian/patches/10_parseIrcUrl_security_fix.patch: properly sanitizes URI strings, as done in upstream SVN. (Fixes LP: #123037) * References: - http://www.kvirc.net/?id=news&story=2007.06.29.22.00.1.story&dir=latest - http://secunia.com/secunia_research/2007-56/advisory/ - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2951 - https://svn.kvirc.de/kvirc/changeset/630/#file3 (fix to kvi_ircurl.cpp) * Add debian/control: Debian Maintainer Field -- <email address hidden> (Richard A. Johnson) Mon, 02 Jul 2007 13:10:10 -0500
Upload details
- Uploaded by:
- Rich Johnson
- Uploaded to:
- Feisty
- Original maintainer:
- MOTU
- Architectures:
- any
- Section:
- net
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
kvirc_3.2.4.orig.tar.gz | 7.4 MiB | 115dcd30e27d165bfb408673004ad6711b1dbde625c2031566b0ace538cc95d9 |
kvirc_3.2.4-5ubuntu1.1.diff.gz | 293.1 KiB | bf1eb175662a6191484251f9cb99bc86c4b0f75ca90de20c69baaec79807f5dd |
kvirc_3.2.4-5ubuntu1.1.dsc | 748 bytes | 6aa047e348dda77e4fc7e86bd94ecd260340e24adee7dbe488e8bf2cf4ce101c |
Binary packages built by this source
- kvirc: No summary available for kvirc in ubuntu feisty.
No description available for kvirc in ubuntu feisty.
- kvirc-data: No summary available for kvirc-data in ubuntu feisty.
No description available for kvirc-data in ubuntu feisty.
- kvirc-dev: No summary available for kvirc-dev in ubuntu feisty.
No description available for kvirc-dev in ubuntu feisty.