Updated deluge packages fix security vulnerability
Publication date: 16 Dec 2017Modification date: 16 Dec 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-9031
Description
The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file(CVE-2017-9031). Updated deluge package adds systemd services required to autostart deluge daemon and web services. Note that these services not enabled by default.
References
SRPMS
5/core
- deluge-1.3.11-1.3.mga5