-
Committer:
Bazaar Package Importer
-
Author(s):
Andreas Wenning
-
Date:
2010-07-05 00:41:51 UTC
-
Revision ID:
james.westby@ubuntu.com-20100705004151-ty0p0q31e1hicddv
Tags: 4:4.0.0~svn3240-1ubuntu0.1
* SECURITY UPDATE: Two security issues have been discovered in the DCC
protocol support code of kvirc, a KDE-based next generation IRC client,
which allow the overwriting of local files through directory traversal
and the execution of arbitrary code through a format string attack.
- kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
- Patch based on upstream SVN revision 4317.
- CVE-2010-2451, CVE-2010-2452:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
- LP: #601702