Hi Attached is the NMU patch.
Cheers Steffen
diff -u amule-2.2.5/debian/changelog amule-2.2.5/debian/changelog --- amule-2.2.5/debian/changelog +++ amule-2.2.5/debian/changelog @@ -1,3 +1,12 @@ +amule (2.2.5-1.1) unstable; urgency=high + + * Non-maintainer upload by the security team + * Make sure that the single tick is handled properly in order to avoid + code execution (Closes: #525078) + Fixes: CVE-2009-1440 + + -- Steffen Joeris <[email protected]> Thu, 18 Jun 2009 14:10:54 +0000 + amule (2.2.5-1) unstable; urgency=low +++ The "Fido, Your Leash Is Too Long" release. diff -u amule-2.2.5/debian/patches/series amule-2.2.5/debian/patches/series --- amule-2.2.5/debian/patches/series +++ amule-2.2.5/debian/patches/series @@ -3,0 +4 @@ +CVE-2009-1440.patch only in patch2: unchanged: --- amule-2.2.5.orig/debian/patches/CVE-2009-1440.patch +++ amule-2.2.5/debian/patches/CVE-2009-1440.patch @@ -0,0 +1,11 @@ +--- ../old/amule-2.2.5/src/DownloadListCtrl.cpp 2009-04-30 13:04:17.000000000 +0000 ++++ amule-2.2.5/src/DownloadListCtrl.cpp 2009-06-18 14:08:52.000000000 +0000 +@@ -2298,7 +2298,7 @@ + wxString rawFileName = file->GetFullName().GetRaw(); + + #ifndef __WXMSW__ +- rawFileName.Replace(QUOTE, wxT("'\"'\"'")); ++ rawFileName.Replace(QUOTE, wxT("\\") QUOTE); + #endif + + if (!command.Replace(wxT("$file"), rawFileName)) {
signature.asc
Description: This is a digitally signed message part.

