Advisories ยป MGASA-2017-0449

Updated deluge packages fix security vulnerability

Publication date: 16 Dec 2017
Modification date: 16 Dec 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-9031

Description

The WebUI component in Deluge before 1.3.15 contains a directory traversal
vulnerability involving a request in which the name of the render file is
not associated with any template file(CVE-2017-9031).

Updated deluge package adds systemd services required to autostart deluge
daemon and web services. Note that these services not enabled by default.
                

References

SRPMS

5/core