What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-6547
2009-06-18 10:59:17
--------------------------------------------------------------------------------

Name        : rb_libtorrent
Product     : Fedora 10
Version     : 0.13.1
Release     : 5.fc10
URL         : https://www.rasterbar.com/products/libtorrent/
Summary     : A C++ BitTorrent library aiming to be the best alternative
Description :
rb_libtorrent is a C++ library that aims to be a good alternative to all
the other BitTorrent implementations around. It is a library and not a full
featured client, although it comes with a few working example clients.

Its main goals are to be very efficient (in terms of CPU and memory usage) as
well as being very easy to use both as a user and developer.

--------------------------------------------------------------------------------
Update Information:

This release adds an upstream patch to fix a directory traversal vulnerability
which would allow a remote attacker to create or overwrite arbitrary files via a
".." (dot dot) and partial relative pathname in a specially-crafted torrent.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun 14 2009 Peter Gordon  - 0.13.1-5
- Apply upstream patch to fix CVE-2009-1760 (arbitrary file overwrite
  vulnerability):
  + 0.13-CVE-2009-1760.diff
- Fixes security bug #505523.
* Mon Jan  5 2009 Peter Gordon  - 0.13.1-4
- Add asio-devel as runtime dependency for the devel subpackage (#478589)
* Thu Nov 20 2008 Peter Gordon 
- Update Source0 URL, for now.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #505523 - CVE-2009-1760 rb_libtorrent: arbitrary file overwrite vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=505523
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update rb_libtorrent' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 10 Update: rb_libtorrent-0.13.1-5.fc10

June 26, 2009
This release adds an upstream patch to fix a directory traversal vulnerability which would allow a remote attacker to create or overwrite arbitrary files via a ".." (dot dot) and ...

Summary

rb_libtorrent is a C++ library that aims to be a good alternative to all

the other BitTorrent implementations around. It is a library and not a full

featured client, although it comes with a few working example clients.

Its main goals are to be very efficient (in terms of CPU and memory usage) as

well as being very easy to use both as a user and developer.

Update Information:

This release adds an upstream patch to fix a directory traversal vulnerability which would allow a remote attacker to create or overwrite arbitrary files via a ".." (dot dot) and partial relative pathname in a specially-crafted torrent.

Change Log

* Sun Jun 14 2009 Peter Gordon - 0.13.1-5 - Apply upstream patch to fix CVE-2009-1760 (arbitrary file overwrite vulnerability): + 0.13-CVE-2009-1760.diff - Fixes security bug #505523. * Mon Jan 5 2009 Peter Gordon - 0.13.1-4 - Add asio-devel as runtime dependency for the devel subpackage (#478589) * Thu Nov 20 2008 Peter Gordon - Update Source0 URL, for now.

References

[ 1 ] Bug #505523 - CVE-2009-1760 rb_libtorrent: arbitrary file overwrite vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=505523

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update rb_libtorrent' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : rb_libtorrent
Product : Fedora 10
Version : 0.13.1
Release : 5.fc10
URL : https://www.rasterbar.com/products/libtorrent/
Summary : A C++ BitTorrent library aiming to be the best alternative

Related News

OpenSSL 3.2 Adds Support for TCP Fast Open on Linux, Argon2 KDF, and More

Nov 27, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo