Hello, 1) Upstream released a new upstream version of ktorrent2.2 _solely_ for the purpose of fixing 2 security problems (#504178). It is in sid (2.2.8). Please unblock it. 2) A clone of those security bugs (#503817) is still open for ktorrent/lenny. A new upstream release (which upstream considers bugfix one, _no new features_) of ktorrent in sid has at least 4-5 crash fixes, a fix for 100% CPU bug (#502071), 2 security fixes (#503817), a memory leak fix, a fix for torrent/HTTP protocol violation. In three months that 3.1.2, 3.1.3 and 3.1.4 have spent in unstable no new bugs have been reported against them in Debian which wouldn't affect 3.1.1 either (i.e. there are no known regressions). Personally, I would be very disappointed as a maintainer and as a user if Lenny was released with 3.1.1. But whether you're going to trust me on this one and even if you don't how much potential harm a bugfix update of a completely standalone application could do are up to you to decide. Upstream Changelog below: ------ Changes in 3.1.4 : - Make sure user is properly logged in when handling a torrent post in the webgui - Prevent PHP injection attacks in webgui - Update file size in CacheFile::growFile, this fixes a SIGBUS error (172814) - Fix bug causing infinite DNS lookups in UDP tracker when lookup fails - Remove default label text KSqueezedTextLabel in trackerview (173065) Changes in 3.1.3 : - Make login into webinterface secure - Check if menus are created properly before showing them - Stop KT from exiting when scanfolder loads a plugin silently and KT is hidden in systray. - Make sure duplicate URL's are not shown in trackerview - Fix problem causing file priorities not to be read at startup - Make sure added.f is filled in with the proper flags for each peer in the added field of a PEX message (169014) - Make sure it is not required to put http:// for the proxy in the config dialog (169133) - Fix typo in advanced pref - Fix bug causing webseed not to download last chunk of a request - Fix bug which resulted in speeds of webseed not getting calculated - Fix rename of groups when edit is not initialized via context menu - Make toolbars hideable - Make sure that files can not be moved to the location they are already in - Don't start torrents at startup when a torrent is user controlled and over limit - Fix crash in logging code due to 0 pointer - Remove bitoogle from default search engine list Changes in 3.1.2 : - Improved performance of GUI updates - Make sure app icon is set (mostly for windows) - Fix crash when clicking on clear search history button twice (167580) - Backported some improvements to download thread - Make sure cookies are not sent in http announces - Fix crash at startup which started happening since KDE 4.1 - Fix problem causing massive memory usage (148385) - Fix issue causing Timer class to stop working when day changes - Make sure toolbar settings are restored properly - Fix compile error on arm architecture - Fixed some bugs in file deselection code -- Modestas Vainius <modestas@vainius.eu>
Attachment:
signature.asc
Description: This is a digitally signed message part.