Version: 2.1.4.dfsg.1-1 On Fri, 6 Jul 2007, Steffen Joeris wrote: > Your package is vulnerable in testing and unstable. > > The CVE says: > > Directory traversal vulnerability in torrent.cpp in KTorrent > before 2.1.3 only Steffen, Thanks for the bug report, but testing has version 2.1.4 and unstable has version 2.2.0 and are thus not vulnerable. stable does however have version 2.0.3+dfsg1-2.2 and I suspect a release should be coordinated with the security team. Mark stable (kde): BitTorrent client for KDE 2.0.3+dfsg1-2.2: alpha amd64 arm hppa i386 ia64 mips mipsel powerpc s390 sparc testing (kde): BitTorrent client for KDE 2.1.4.dfsg.1-3+b1: alpha amd64 hppa i386 ia64 mips powerpc s390 2.1.4.dfsg.1-3: arm mipsel sparc unstable (kde): BitTorrent client for KDE 2.2.0.dfsg.1-1: alpha amd64 armel hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 m68k mips mipsel powerpc s390 2.1.4.dfsg.1-3: arm sparc
Attachment:
signature.asc
Description: This is a digitally signed message part.