Re: Bug#626844: pu: package kdenetwork/4:4.4.5-2+squeeze1
Modestas Vainius <firstname.lastname@example.org> schrieb:
> This is a multi-part MIME message sent by reportbug.
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
> Package: release.debian.org
> Severity: normal
> User: email@example.com
> Usertags: pu
> [ Disclaimer: I've already asked security team about this upload and they told
> me to do it via s-p-u ]
> This upload would contain a patch that improves fix for CVE-2010-1000.
> Change-by-change details are below while full diff is attached.
> * Add cve_2010_1000_directory_traversal.diff, note that CVE-2010-1000 was
> already fixed, but this patch performs a better protection against that
FYI, the incomplete patch has been assigned CVE-2011-1586.