tag 285128 sarge sid
stop here
* Joey Hess [Fri, 10 Dec 2004 14:51:51 -0500]:
> The advisory says that it affects version >= 3.3.1, so perhaps our
> 3.2.3-1/2.3.3-1 in t-p-u/testing are not vulnerable. I've not checked.
just for the record: yes, 3.2 is vulnerable. upstream released patches
f
Package: konqueror
Version: 3.3.1
Tags: security
Severity: serious
CAN-2004-1165 is about a security hole in konqueror that allows
arbitrary ftp commands to be inserted in a URL via URL-encoded newlines.
Details about this hole are here:
http://marc.theaimsgroup.com/?l=bugtraq&m=110245752232681&w=
2 matches
Mail list logo