Summary: | <net-p2p/deluge-2.1.1: XSS in webui via crafted torrent file | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | candrews, paolo.pedroni, proxy-maint |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://dev.deluge-torrent.org/ticket/3459 | ||
Whiteboard: | B4 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 866614, 877037 | ||
Bug Blocks: |
Description
John Helmert III
2022-08-26 19:22:44 UTC
Still pending stabilisation :( GLSA request filed Please cleanup The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e59c9a6bf0ee6b3aeea0c6b9bc6226896ecc5c5 commit 5e59c9a6bf0ee6b3aeea0c6b9bc6226896ecc5c5 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2022-10-15 06:44:49 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-10-15 06:47:46 +0000 net-p2p/deluge: drop 2.0.5-r2 Bug: https://bugs.gentoo.org/866842 Signed-off-by: Joonas Niilola <juippis@gentoo.org> net-p2p/deluge/Manifest | 1 - net-p2p/deluge/deluge-2.0.5-r2.ebuild | 144 ---------------------- net-p2p/deluge/files/deluge-2.0.3-UI-status.patch | 31 ----- net-p2p/deluge/files/deluge-2.0.3-setup.py.patch | 11 -- 4 files changed, 187 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=47660d7639f4e391ab61b168c33a2a1892d5dad8 commit 47660d7639f4e391ab61b168c33a2a1892d5dad8 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-10-16 14:42:29 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-16 14:45:24 +0000 [ GLSA 202210-07 ] Deluge: Cross-Site Scripting Bug: https://bugs.gentoo.org/866842 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202210-07.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) GLSA released, all done! |