[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Please unblock ktorrent2.2, please consider ktorrent


1) Upstream released a new upstream version of ktorrent2.2 _solely_ for the 
purpose of fixing 2 security problems (#504178). It is in sid (2.2.8). Please 
unblock it.

2) A clone of those security bugs (#503817) is still open for ktorrent/lenny. 
A new upstream release (which upstream considers bugfix one, _no new 
features_) of ktorrent in sid has at least 4-5 crash fixes, a fix for 100% CPU 
bug (#502071), 2 security fixes (#503817), a memory leak fix, a fix for 
torrent/HTTP protocol violation. In three months that 3.1.2, 3.1.3 and 3.1.4 
have spent in unstable no new bugs have been reported against them in Debian 
which wouldn't affect 3.1.1 either (i.e. there are no known regressions). 
Personally, I would be very disappointed as a maintainer and as a user if 
Lenny was released with 3.1.1. But whether you're going to trust me on this 
one and even if you don't how much potential harm a bugfix update of a 
completely standalone application could do are up to you to decide. Upstream 
Changelog below:

Changes in 3.1.4 :
- Make sure user is properly logged in when handling a torrent post in the 
- Prevent PHP injection attacks in webgui
- Update file size in CacheFile::growFile, this fixes a SIGBUS error (172814)
- Fix bug causing infinite DNS lookups in UDP tracker when lookup fails
- Remove default label text KSqueezedTextLabel in trackerview (173065)

Changes in 3.1.3 :
- Make login into webinterface secure
- Check if menus are created properly before showing them
- Stop KT from exiting when scanfolder loads a plugin silently and KT is 
hidden in systray.
- Make sure duplicate URL's are not shown in trackerview
- Fix problem causing file priorities not to be read at startup
- Make sure added.f is filled in with the proper flags for each peer in the 
added field of a PEX message (169014)
- Make sure it is not required to put http:// for the proxy in the config 
dialog (169133)
- Fix typo in advanced pref
- Fix bug causing webseed not to download last chunk of a request
- Fix bug which resulted in speeds of webseed not getting calculated
- Fix rename of groups when edit is not initialized via context menu
- Make toolbars hideable
- Make sure that files can not be moved to the location they are already in
- Don't start torrents at startup when a torrent is user controlled and over 
- Fix crash in logging code due to 0 pointer
- Remove bitoogle from default search engine list

Changes in 3.1.2 :
- Improved performance of GUI updates
- Make sure app icon is set (mostly for windows)
- Fix crash when clicking on clear search history button twice (167580)
- Backported some improvements to download thread 
- Make sure cookies are not sent in http announces
- Fix crash at startup which started happening since KDE 4.1
- Fix problem causing massive memory usage (148385)
- Fix issue causing Timer class to stop working when day changes
- Make sure toolbar settings are restored properly
- Fix compile error on arm architecture
- Fixed some bugs in file deselection code

Modestas Vainius <modestas@vainius.eu>

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: