Re: [Pkg-kde-extras] Bug#432007: CVE-2007-1799: vulnerability in torrent.cpp

Version: 2.1.4.dfsg.1-1

On Fri, 6 Jul 2007, Steffen Joeris wrote:
> Your package is vulnerable in testing and unstable.
>
> The CVE says:
>
> Directory traversal vulnerability in torrent.cpp in KTorrent
> before 2.1.3 only

Steffen,

Thanks for the bug report, but testing has version 2.1.4 and unstable has version 2.2.0 and are thus not vulnerable.

stable does however have version 2.0.3+dfsg1-2.2 and I suspect a release should be coordinated with the security team.

Mark

stable (kde): BitTorrent client for KDE 2.0.3+dfsg1-2.2: alpha amd64 arm hppa i386 ia64 mips mipsel powerpc s390 sparc testing (kde): BitTorrent client for KDE 2.1.4.dfsg.1-3+b1: alpha amd64 hppa i386 ia64 mips powerpc s390

2.1.4.dfsg.1-3: arm mipsel sparc 
unstable (kde): BitTorrent client for KDE 
2.2.0.dfsg.1-1: alpha amd64 armel hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 

-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


application/pgp-signature attachment: This is a digitally signed message part.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.debian.org Links debian-announce debian-apache debian-arm-changes debian-beowulf debian-boot debian-cd debian-cd-vendors debian-changes debian-changes-digest debian-isp debian-kde debian-laptop debian-mirrors-announce debian-news debian-security debian-security-announce debian-testing debian-user debian-user-digest Request more information about Pantek