Format: 1.7
Date: Tue, 20 Jan 2009 11:24:17 -0500
Source: ktorrent
Binary: ktorrent
Architecture: lpia_translations lpia
Version: 2.2.1-0ubuntu3.1
Distribution: gutsy
Urgency: low
Maintainer: Ubuntu/lpia Build Daemon <buildd@molybdenum.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 ktorrent   - BitTorrent client for KDE
Changes: 
 ktorrent (2.2.1-0ubuntu3.1) gutsy-security; urgency=low
 .
   * SECURITY UPDATE: access restrictions bypass in torrent upload feature
     of web interface plugin
     - debian/patches/11_SECURITY_CVE-2008-5905.patch: redirect to login page if
       session is not valid in plugins/webinterface/httpserver.cpp.
     - CVE-2008-5905
   * SECURITY UPDATE: arbitrary php code execution in web interface plugin
     - debian/patches/12_SECURITY_CVE-2008-5906.patch: check for string
       delimiters with a new containsDelimiters() function in
       plugins/webinterface/php_handler.{cpp,h}.
     - CVE-2008-5906
Files: 
 b18e87c07f21809de4afd7181f2d1661 963201 raw-translations - ktorrent_2.2.1-0ubuntu3.1_lpia_translations.tar.gz
 979fbc6391793dd1b976b555614b8125 2769980 kde optional ktorrent_2.2.1-0ubuntu3.1_lpia.deb