Debian Security Advisory
DSA-3856-1 deluge -- security update
- Date Reported:
- 18 May 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-7178, CVE-2017-9031.
- More information:
Two vulnerabilities have been discovered in the web interface of the Deluge BitTorrent client (directory traversal and cross-site request forgery).
For the stable distribution (jessie), these problems have been fixed in version 1.3.10-3+deb8u1.
For the unstable distribution (sid), these problems have been fixed in version 1.3.13+git20161130.48cedf63-3.
We recommend that you upgrade your deluge packages.