← Back to branch summary

~ubuntu-branches/ubuntu/karmic/kvirc/karmic-updates

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Bazaar Package Importer
  • Author(s): Andreas Wenning
  • Date: 2010-07-05 00:41:51 UTC
  • Revision ID: james.westby@ubuntu.com-20100705004151-ty0p0q31e1hicddv
Tags: 4:4.0.0~svn3240-1ubuntu0.1
https://launchpad.net/bugs/601702
* SECURITY UPDATE: Two security issues have been discovered in the DCC
  protocol support code of kvirc, a KDE-based next generation IRC client,
  which allow the overwriting of local files through directory traversal
  and the execution of arbitrary code through a format string attack.
  - kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
    - Patch based on upstream SVN revision 4317.
  - CVE-2010-2451, CVE-2010-2452:
    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
  - LP: #601702

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/changelog
 
1
kvirc (4:4.0.0~svn3240-1ubuntu0.1) karmic-security; urgency=low
 
2
 
 
3
  * SECURITY UPDATE: Two security issues have been discovered in the DCC
 
4
    protocol support code of kvirc, a KDE-based next generation IRC client,
 
5
    which allow the overwriting of local files through directory traversal
 
6
    and the execution of arbitrary code through a format string attack.
 
7
    - kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
 
8
      - Patch based on upstream SVN revision 4317.
 
9
    - CVE-2010-2451, CVE-2010-2452:
 
10
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
 
11
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
 
12
    - LP: #601702
 
13
 
 
14
 -- Andreas Wenning <awen@awen.dk>  Mon, 05 Jul 2010 00:41:51 +0200
 
15
 
1
16
kvirc (4:4.0.0~svn3240-1) unstable; urgency=low
2
17
 
3
18
  The »Dream Team« release.