Fedora 10 Update: deluge-1.1.9-1.fc10
Summary
Deluge is a new BitTorrent client, created using Python and GTK+. It is
intended to bring a native, full-featured client to Linux GTK+ desktop
environments such as GNOME and XFCE. It supports features such as DHT
(Distributed Hash Tables), PEX (µTorrent-compatible Peer Exchange), and UPnP
(Universal Plug-n-Play) that allow one to more easily share BitTorrent data
even from behind a router with virtually zero configuration of port-forwarding.
Update Information:
Deluge 1.1.9 contains updated translations and fixes for a "move torrent" issue (now only happens when the torrent has data downloaded), a folder renaming bug (renaming a parent folder into multiple folders), and an issue with adding a remote torrent in the WebUI. This update also includes all upstream bug-fixes and enhancements in versions 1.1.7 and 1.1.8 (which were skipped in this package). For a full list of these changes, please see the upstream changelog: https://dev.deluge-torrent.org/wiki/ChangeLog In addition, the included copy of rb_libtorrent has been updated to fix a potential directory traversal vulnerability which would allow a remote attacker to create or overwrite arbitrary files via a ".." (dot dot) and partial relative pathname in a specially-crafted torrent.
Change Log
* Wed Jun 17 2009 Peter Gordon
References
[ 1 ] Bug #505523 - CVE-2009-1760 rb_libtorrent: arbitrary file overwrite vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=505523
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update deluge' at the command line. For more information, refer to "Managing Software with yum", available at .