Please find the attached debdiff for hardy. I verified the version 2.9.2-1 in hardy is vulnerable and also verified the patch fixed the described problem. Double-Slash now results in Status 404.
Regards, Jens ** Attachment added: "mldonkey_2.9.2-2build1_httpDoubleSlash_lp340166.debdiff" http://launchpadlibrarian.net/24279118/mldonkey_2.9.2-2build1_httpDoubleSlash_lp340166.debdiff -- MLdonkey <= 2.9.7 HTTP DOUBLE SLASH Arbitrary File Disclosure Vuln https://bugs.launchpad.net/bugs/340166 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs