[Backports-security-announce] Security update for transmission

Leo Costela and Josselin Mouette uploaded new packages for transmission
which fixed the following security problem:

CVE-2010-0012
DSA-1967-1

    Dan Rosenberg discovered that Transmission, a lightweight client
    for
    the Bittorrent filesharing protocol performs insufficient
    sanitizing
    of file names specified in .torrent files. This could lead to
    the
    overwrite of local files with the privileges of the user running
    Transmission if the user is tricked into opening a malicious
    torrent
    file.

For the stable distribution (lenny), this problem has been fixed in
version 1.22-1+lenny2.

For the unstable distribution (sid), this problem has been fixed in
version 1.77-1.

For the lenny-backports distribution the problems have been fixed in
version 1.77-1~bpo50+1.

Upgrade instructions

If you don't use pinning (see [1]) you have to update the package
manually via "apt-get -t lenny-backports install <packagelist>" with
the packagelist of your installed packages affected by this update.
[1] <http://backports.org/dokuwiki/doku.php?id=instructions&gt;

We recommend to pin the backports repository to 200 so that new
versions of installed backports will be installed automatically.

Package: *
Pin: release a=lenny-backports
Pin-Priority: 200

–
.''. Josselin Mouette : :' : . ' “I recommend you to learn English in hope that you in - future understand things” – Jörg Schilling