Accepted torrentflux 2.1-1ubuntu0.1 (source)
Kees Cook
kees at ubuntu.com
Wed Oct 11 23:05:11 BST 2006
Accepted:
OK: torrentflux_2.1-1ubuntu0.1.dsc
-> Component: universe Section: web
OK: torrentflux_2.1-1ubuntu0.1.diff.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 11 Oct 2006 14:41:27 -0700
Source: torrentflux
Binary: torrentflux
Architecture: source
Version: 2.1-1ubuntu0.1
Distribution: edgy
Urgency: low
Maintainer: Cameron Dale <camrdale at gmail.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
torrentflux - web based, feature-rich BitTorrent download manager
Changes:
torrentflux (2.1-1ubuntu0.1) edgy; urgency=low
.
* SECURITY UPDATE: Vulnerable to cross-site scripting.
* Add 'debian/patches/05_sanitize_html_entities.dpatch': sanitize User-Agent
and host display in admin.php.
* References
http://www.stevenroddis.com.au/2006/10/06/torrentflux-user-agent-xss-vulnerability/
Files:
6e3c9373d9855cbf714495b0468fcac1 633 web optional torrentflux_2.1-1ubuntu0.1.dsc
003cefc2c5b82a3cc186cf446506ae2c 16649 web optional torrentflux_2.1-1ubuntu0.1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFFLWcVH/9LqRcGPm0RAgReAJ0eXJgZqgNaXKBRxpjT/iqOjuKSQwCcCvg/
MOUBwOtjZgxXt73waVyfNxE=
=M0YA
-----END PGP SIGNATURE-----
More information about the edgy-changes
mailing list