|
From: | spiralvoice |
Subject: | [Mldonkey-bugs] [bug #25667] Http double slash request arbitrary file access vulnerability |
Date: | Tue, 24 Feb 2009 18:30:34 +0000 |
User-agent: | Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.6) Gecko/2009020409 Iceweasel/3.0.6 (Debian-3.0.6-1) |
Follow-up Comment #3, bug #25667 (project mldonkey): For the record, this bug was caused by patch #5787, committed 2007/03/08 to CVS and first released in MLDonkey 2.8.4. That bad patch can be found around line 1493 in http://cvs.savannah.gnu.org/viewvc/mldonkey/mldonkey/src/daemon/driver/driverControlers.ml?r1=1.96&r2=1.97 _______________________________________________________ Reply to this item at: <http://savannah.nongnu.org/bugs/?25667> _______________________________________________ Nachricht geschickt von/durch Savannah http://savannah.nongnu.org/
[Prev in Thread] | Current Thread | [Next in Thread] |