This patch should resolve this issue. It is based on the patch applied upstream (https://svn.kvirc.de/kvirc/changeset/4693) and in Debian (http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=kvirc_3.4 .0_security-team.debdiff;att=2;bug=590745). Ubuntu Maverick, Natty, and Debian already have this patch. The patch applies, and the resulting package is able to be built (https://launchpad.net/~nhandler/+archive/ppa/+sourcepub/1550219 /+listing-archive-extra). I am waiting on confirmation from another member of freenode staff (or anyone else in the community) to confirm that this patched version of the package successfully resolves the vulnerability present in the current version of the package.
** Patch added: "kvirc_4.0.0~svn3900+rc2-1ubuntu0.2.debdiff" https://bugs.launchpad.net/ubuntu/+source/kvirc/+bug/612682/+attachment/1907656/+files/kvirc_4.0.0%7Esvn3900%2Brc2-1ubuntu0.2.debdiff ** Changed in: kvirc (Ubuntu) Status: In Progress => Confirmed ** Changed in: kvirc (Ubuntu) Assignee: Nathan Handler (nhandler) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/612682 Title: KVIrc security release 4.0.2 avaible -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
