-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 16 Apr 2017 16:03:02 +0200 Source: qbittorrent Binary: qbittorrent qbittorrent-nox qbittorrent-dbg Architecture: source amd64 Version: 2.9.8-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Cristian Greco <cristian@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: qbittorrent - bittorrent client based on libtorrent-rasterbar with a Qt4 GUI qbittorrent-dbg - debug symbols for qbittorrent and qbittorrent-nox qbittorrent-nox - bittorrent client based on libtorrent-rasterbar (without X suppor Changes: qbittorrent (2.9.8-1+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the Wheezy LTS Team. * CVE-2017-6503 WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS. * CVE-2017-6504 WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking. Checksums-Sha1: 11e165e68ac4940bb0ecb8440c50c59e382c0837 2295 qbittorrent_2.9.8-1+deb7u1.dsc e119abaf84081885087381d5d00bea2ddaff9b6f 1974276 qbittorrent_2.9.8.orig.tar.xz f804ae987b58c599b0f1dc5ff077c92961600d3d 17387 qbittorrent_2.9.8-1+deb7u1.debian.tar.gz 1a27c4c090e3cbada92784cd705b8b50f3d400ac 2785280 qbittorrent_2.9.8-1+deb7u1_amd64.deb a5854d6173a77e6ec4b4cb4b138bdcb9590becdb 1979598 qbittorrent-nox_2.9.8-1+deb7u1_amd64.deb c161d80de98027bcbd08767d9df643263a47f7c7 24031388 qbittorrent-dbg_2.9.8-1+deb7u1_amd64.deb Checksums-Sha256: cd04dd7beca3f7c226fc5be70108f6eafffa151580928f1cb64ad2bfb72c4e7e 2295 qbittorrent_2.9.8-1+deb7u1.dsc ed4feebc731dd05804d9929cd391b28f09aa903abd477fd737818b83503e1ad7 1974276 qbittorrent_2.9.8.orig.tar.xz e8fe255c325bf2c36409fadd7da46b1202d9477ca245e3b77ed3f1e3b966fa8b 17387 qbittorrent_2.9.8-1+deb7u1.debian.tar.gz aed3af895a03141bd34fa6f19dad668f3b15e9c6d7042369860d2a46b6585903 2785280 qbittorrent_2.9.8-1+deb7u1_amd64.deb 1f33f7a76bc9d06290c66769956d2c6d5749d3f02e568f894db990c6b26bff1c 1979598 qbittorrent-nox_2.9.8-1+deb7u1_amd64.deb faab72a4737e25552f4b5d7ed04284318f28ced3046521e228a7474fe7738893 24031388 qbittorrent-dbg_2.9.8-1+deb7u1_amd64.deb Files: 8ff7fb958d74ed0e148033f7ac5daab2 2295 net optional qbittorrent_2.9.8-1+deb7u1.dsc cb1af7a270226a5df8bf8eee7d5fa7d2 1974276 net optional qbittorrent_2.9.8.orig.tar.xz cd78e7db9ca6e3f851f3d1cb5c521760 17387 net optional qbittorrent_2.9.8-1+deb7u1.debian.tar.gz e4f0ca2961635b95f522f6796facf0de 2785280 net optional qbittorrent_2.9.8-1+deb7u1_amd64.deb c9d588890e4ae9963b3a5c671759e5d1 1979598 net optional qbittorrent-nox_2.9.8-1+deb7u1_amd64.deb 920ab6d6f08acb9dc2bac2c56518ac56 24031388 debug extra qbittorrent-dbg_2.9.8-1+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAljziAFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR+Y6D/9yI2mkcKpzY5DSuRZRvVIxKL7WNmg4 LFe7vHWsTJpJ0yuw7LB8mWkGr4DjQJikb7ve+Tvy5mxUFYOpC05NslQ1ZFi0lroU EKlftNhVzk8Za8NeeArcqI4lMRfaLi8z584I+5xA1WJMJyYy7LgA/xXpWidbbIXW AVAr/PRfEUIZGD04AL+D0P/6oPoISZ+CZccNNQx8dfzmWtzUPR+H0T5+9pMA0xwa k151ZbcHrfgColqnajSUGFsan+5fbW25cc+BIRyoLBKL4OmCwYFrkIyY/wnft2aD 24dUUmFyZY2/L1jA3/8MucULv2qT1BqiWS1otoruVUYjQXJH/amlv+dq8C8p5SYs YarcexdgMm9a6oG+MSGNS2n927aWLMnE1YOBP/mBkQtFzhrHkDXP3rYiY+trRXyv ngt6OFPea5jPNoyVHCchapoYK0N80W4isBb4V473mb6ZEYU6VERw7LAKPOyGX1Le H0fwXaZBziFFlDicYGE/L/NUQ1vjODuawThqGDaNs5Tcv51Ej4XNpt17FaYiKJpn O+p7nlz5lGvqpKxRq+1zL1N+L34SEa8xPCksv2Q6CBfIbsiOYLGby0kTjuQKLcZn 1cfNHHZUEq84jXrxVV7sNfITHj3FMm+dZqDmX564hmUblzEGIOffHdhFKtYmlP/B zJVaZSHYs+m7zA== =ac/+ -----END PGP SIGNATURE-----