KDE has been updated to 3.5.10 in ubuntu-mini but amarok is still in the old version unpatched 1.4.9.1-0ubuntu3, based on KDE 3.5.9.
-- [CVE-2008-3699] Insecure creation of magnatune temp files https://bugs.launchpad.net/bugs/257993 You received this bug notification because you are a member of OEM Services QA, which is subscribed to The Dell Mini Project. Status in The Amarok Music Player: Fix Released Status in Dell Inspiron Mini with Custom Dell UI: Confirmed Status in “amarok” source package in Ubuntu: Fix Released Status in amarok in Ubuntu Gutsy: Fix Released Status in amarok in Ubuntu Hardy: Fix Released Bug description: A vulnerability was found in the creation of magnatune temporary files in amarok. A patch was made available from upstream. (Released with amarok 1.4.10) References http://secunia.com/advisories/31418/ http://www.securityfocus.com/bid/30662 http://websvn.kde.org/?view=rev&revision=846626 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494765 Uploading a debdiff for hardy-security shortly. _______________________________________________ Mailing list: https://launchpad.net/~oem-qa Post to : [email protected] Unsubscribe : https://launchpad.net/~oem-qa More help : https://help.launchpad.net/ListHelp
