lftp 4.0.2-1ubuntu0.1 source package in Ubuntu
Changelog
lftp (4.0.2-1ubuntu0.1) lucid-security; urgency=low * SECURITY UPDATE: arbitrary file overwrite via dot file download - debian/patches/CVE-2010-2251.dpatch: don't use server-provided names in src/{FileAccess,FileCopy,GetJob,commands,resource}.cc. - This update changes previous behaviour by ignoring the filename supplied by the server in the Content-Disposition header. To re-enable previous behaviour, use the new xfer:auto-rename setting. - CVE-2010-2251 -- Marc Deslauriers <email address hidden> Thu, 02 Sep 2010 15:28:37 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Lucid
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- net
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
lftp_4.0.2.orig.tar.gz | 2.1 MiB | 0f6fb342df91066540413edd0c7535f9b524370a50b068e6ded2d689b675c96d |
lftp_4.0.2-1ubuntu0.1.diff.gz | 14.0 KiB | d1ff9df32a1544f7bc4b241f3870edf38b5afe0f93847a372f083ec8f318eac1 |
lftp_4.0.2-1ubuntu0.1.dsc | 1.1 KiB | c78c3d60d9fbfc522b8ac137537123094de3ad8a4cfbb02d6a984eb41239c54b |
Available diffs
Binary packages built by this source
- lftp: No summary available for lftp in ubuntu lucid.
No description available for lftp in ubuntu lucid.