[Bug 91174] Re: KTorrent security issue with releases <2.1.2 (Breezy - Feisty)
Kees Cook
kees at ubuntu.com
Sat Mar 10 16:54:27 UTC 2007
(from 91172, now dup'd)
http://websvn.kde.org/?view=rev&revision=640661
>From a quick review, the changes to "torrent.cpp" are to stop arbitrary
path overwrites, and the other changes are to protect against heap
corruption. I haven't studied the code paths too much, but it feels like
a very dedicated attacker could manage to get arbitrary code execution.
** Changed in: ktorrent (Ubuntu)
Importance: Undecided => Medium
Status: Rejected => Confirmed
** Changed in: ktorrent (Ubuntu Edgy)
Importance: Undecided => Medium
Status: Unconfirmed => Confirmed
** Changed in: ktorrent (Ubuntu Dapper)
Importance: Undecided => Medium
Status: Unconfirmed => Confirmed
** Changed in: ktorrent (Ubuntu Breezy)
Importance: Undecided => Medium
Status: Unconfirmed => Confirmed
** This bug has been flagged as a security issue
--
KTorrent security issue with releases <2.1.2 (Breezy - Feisty)
https://launchpad.net/bugs/91174
More information about the kubuntu-bugs
mailing list