Bug#399169: TorrentFlux Arbitrary Command Execution and Directory Traversal

2006-11-18 Thread Stefan Fritsch
Package: torrentflux
Severity: grave
Tags: security

More security vulnerabilities have been found in torrentflux. From http://secunia.com/advisories/22880/ :

1) Input passed to the "kill" parameter in index.php is not properly sanitised before being used as the command line argument to the "kill

Bug#399169: TorrentFlux Arbitrary Command Execution and Directory Traversal

2006-11-22 Thread Cameron Dale
retitle 399169 torrentflux: create/delete/overwrite arbitrary files
tags 399169 + pending
thanks

Thanks for the report Stefan, your vigilance is much appreciated. Unfortunately the report from secunia is poorly titled, and some of it doesn't apply to the Debian package, so I'll include some more

Bug#399169: TorrentFlux Arbitrary Command Execution and Directory Traversal

2006-11-22 Thread Stefan Fritsch
Hi Cameron,

thanks for looking into this. Unfortunately I think you are only partially right. (On the other hand, I don't use torrentflux and cannot install it ATM due to libphp-adodb brokenness, so I could be wrong as well).

On Wednesday 22 November 2006 09:31, Cameron Dale wrote:
> Unfortuna

Bug#399169: TorrentFlux Arbitrary Command Execution and Directory Traversal

2006-11-22 Thread Cameron Dale
On 11/22/06, Stefan Fritsch <[EMAIL PROTECTED]> wrote:
> thanks for looking into this. Unfortunately I think you are only partially right. (On the other hand, I don't use torrentflux and cannot install it ATM due to libphp-adodb brokenness, so I could be wrong as well).

A new libphp-adodb is in t