Package name
ktorrent
Date
2007-05-01
Advisory ID
MDKSA-2007:095
Affected versions
2007.1 i586 , 2007.1 x86_64

Problem description

A directory traversal vulnerability was found in KTorrent prior to
2.1.2, due to an incomplete fix for a prior directory traversal
vulnerability that was corrected in version 2.1.2. Previously,
KTorrent would only check for the string .., which could permit
strings such as ../.

Updated packages have been patched to correct this issue.

Updated packages

2007.1 i586

 b95f63a9b094263407b5edd9fe7ee6e2  2007.1/i586/ktorrent-2.1.2-2.1mdv2007.1.i586.rpm
 32512bebd21d579d2fa762c387e8efda  2007.1/i586/libktorrent2.1.2-2.1.2-2.1mdv2007.1.i586.rpm 
 151fe82f8fa9c1a3bb568d96ee098e08  2007.1/SRPMS/ktorrent-2.1.2-2.1mdv2007.1.src.rpm

2007.1 x86_64

 545b1f969612aa961e48133c18cbb12f  2007.1/x86_64/ktorrent-2.1.2-2.1mdv2007.1.x86_64.rpm
 5fa55787f9f581f79ade2254613222dd  2007.1/x86_64/lib64ktorrent2.1.2-2.1.2-2.1mdv2007.1.x86_64.rpm 
 151fe82f8fa9c1a3bb568d96ee098e08  2007.1/SRPMS/ktorrent-2.1.2-2.1mdv2007.1.src.rpm

References