|
Find the information you need for your favorite open source distribution
 To browse through our weekly Linux Advisory Watch newsletters, click here.
|
|
|
| |
|
|
This updates the pam_krb5 package from version 2.3.2 to 2.3.5, fixing
CVE-2009-1384: in certain configurations, the password prompt could vary
depending on whether or not the user account was known to the system or the KDC.
It also fixes a bug which prevented password change attempts from working if the
KDC denied requests for password-changing credentials with settings which would
be used for login credentials, and makes the "-n" option for the "afs5log"
command work as advertised. |
|
|
This release adds a backported upstream patch to fix a directory traversal
vulnerability in the included copy of libtorrent which would allow a remote
attacker to create or overwrite arbitrary files via a ".." (dot dot) and partial
relative pathname in a specially-crafted torrent. |
|
|
This release adds an upstream patch to fix a directory traversal vulnerability
which would allow a remote attacker to create or overwrite arbitrary files via a
".." (dot dot) and partial relative pathname in a specially-crafted torrent. |
|
|
Deluge 1.1.9 contains updated translations and fixes for a "move torrent" issue
(now only happens when the torrent has data downloaded), a folder renaming bug
(renaming a parent folder into multiple folders), and an issue with adding a
remote torrent in the WebUI. This update also includes all upstream bug-fixes
and enhancements in versions 1.1.7 and 1.1.8 (which were skipped in this
package). For a full list of these changes, please see the upstream changelog:
http://dev.deluge-torrent.org/wiki/ChangeLog In addition, the included copy
of rb_libtorrent has been updated to fix a potential directory traversal
vulnerability which would allow a remote attacker to create or overwrite
arbitrary files via a ".." (dot dot) and partial relative pathname in a
specially-crafted torrent. |
|
|
This release adds an upstream patch to fix a directory traversal vulnerability
which would allow a remote attacker to create or overwrite arbitrary files via a
".." (dot dot) and partial relative pathname in a specially-crafted torrent.
In addition to this, asio-devel has been added to the dependencies for the
rb_libtorrent-devel package - a fix already applied to the Fedora 10, 11, and
Development ("Rawhide") packages. |
|
|
<< Start < Prev 1 2 3 Next > End >>
|
| Results 1 - 7 of 2143 |
