-
Committer:
Bazaar Package Importer
-
Author(s):
Richard A. Johnson
-
Date:
2007-03-11 10:37:17 UTC
-
Revision ID:
james.westby@ubuntu.com-20070311103717-ujg5ljkavv9u2vl4
Tags: 2.1-0ubuntu2
* SECURITY UPDATE: allows .. in file name which could cause
the user to overwrite files (if ran as root, system files).
DoS or heap corruption possible if idx is to small (negative)
or to large.
* Add 'debian/patches/kubuntu_01_security_fix.diff': backported
upstream fix
* References
http://websvn.kde.org/?view=rev&revision=640661
CVE-2007-1384 CVE-2007-1385