amule
Versione 2.2.4-1ubuntu1.1:
* SECURITY UPDATE: Incomplete escaping in filenames allows remote attackers
to conduct argument injection attacks into a command via a crafted
filename. (LP: #396807)
- src/DownloadListCtrl.cpp sanitises the downloaded filenames but does
not escape ticks in filenames correctly.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078
- Patch by Sam Hocevar
- CVE-2009-1440
* online signature, source exchange, compressed transfers, secure
identification, and IP filter support
* boolean search, which can be local, global, or in the Kad network
* checks against aggressive clients
* slot allocation, to decide the number of remote clients
* systray works well both in GNOME and KDE
* translations to many languages A daemonized version of the application that does not need a graphic environment to run is available in the amule-daemon package, and various utilities of interest can be found in the amule-utils and amule-utils-gui packages, including the ed2k link handler.
amule-common
Versione 2.2.4-1ubuntu1.1:
* SECURITY UPDATE: Incomplete escaping in filenames allows remote attackers
to conduct argument injection attacks into a command via a crafted
filename. (LP: #396807)
- src/DownloadListCtrl.cpp sanitises the downloaded filenames but does
not escape ticks in filenames correctly.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078
- Patch by Sam Hocevar
- CVE-2009-1440
amule-utils
Versione 2.2.4-1ubuntu1.1:
* SECURITY UPDATE: Incomplete escaping in filenames allows remote attackers
to conduct argument injection attacks into a command via a crafted
filename. (LP: #396807)
- src/DownloadListCtrl.cpp sanitises the downloaded filenames but does
not escape ticks in filenames correctly.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078
- Patch by Sam Hocevar
- CVE-2009-1440
* ed2k: handles ed2k:// links, queueing them into aMule
* cas: displays the contents of your aMule online signature
* alcc: computes ed2k:// links for the given input files
* amulecmd: text-based client to control aMule or the aMule daemon Some of these utilities have graphic versions, which can be found in the amule-utils-gui package.
This package contains localization files and webserver templates for aMule. You probably don't want to install this package alone, but amule or amule-daemon instead.
Do you consider this article interesting? Share it on your network of Twitter contacts, on your Facebook wall or simply press "+1" to suggest this result in searches in Google, Linkedin, Instagram or Pinterest. Spreading content that you find relevant helps this blog to grow. Thank you!
Versione 2.2.4-1ubuntu1.1:
* SECURITY UPDATE: Incomplete escaping in filenames allows remote attackers
to conduct argument injection attacks into a command via a crafted
filename. (LP: #396807)
- src/DownloadListCtrl.cpp sanitises the downloaded filenames but does
not escape ticks in filenames correctly.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078
- Patch by Sam Hocevar
- CVE-2009-1440
* online signature, source exchange, compressed transfers, secure
identification, and IP filter support
* boolean search, which can be local, global, or in the Kad network
* checks against aggressive clients
* slot allocation, to decide the number of remote clients
* systray works well both in GNOME and KDE
* translations to many languages A daemonized version of the application that does not need a graphic environment to run is available in the amule-daemon package, and various utilities of interest can be found in the amule-utils and amule-utils-gui packages, including the ed2k link handler.
amule-common
Versione 2.2.4-1ubuntu1.1:
* SECURITY UPDATE: Incomplete escaping in filenames allows remote attackers
to conduct argument injection attacks into a command via a crafted
filename. (LP: #396807)
- src/DownloadListCtrl.cpp sanitises the downloaded filenames but does
not escape ticks in filenames correctly.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078
- Patch by Sam Hocevar
- CVE-2009-1440
amule-utils
Versione 2.2.4-1ubuntu1.1:
* SECURITY UPDATE: Incomplete escaping in filenames allows remote attackers
to conduct argument injection attacks into a command via a crafted
filename. (LP: #396807)
- src/DownloadListCtrl.cpp sanitises the downloaded filenames but does
not escape ticks in filenames correctly.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078
- Patch by Sam Hocevar
- CVE-2009-1440
* ed2k: handles ed2k:// links, queueing them into aMule
* cas: displays the contents of your aMule online signature
* alcc: computes ed2k:// links for the given input files
* amulecmd: text-based client to control aMule or the aMule daemon Some of these utilities have graphic versions, which can be found in the amule-utils-gui package.
This package contains localization files and webserver templates for aMule. You probably don't want to install this package alone, but amule or amule-daemon instead.
0 comments:
Post a Comment