Gentoo Linux Security Advisory GLSA 200705-01 - Bryan Burns of Juniper Networks discovered a vulnerability in chunkcounter.cpp when processing large or negative idx values, and a directory traversal vulnerability in torrent.cpp. Versions less than 2.1.3 are affected.
b57efc215d1526e13a88dad0980b79388b365f50a3326ebe8a381ad5c7ef0948
Ubuntu Security Notice 436-1 - Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges.
c6a9911f676c52c44f13fff3ea2c268d124e8d46002028af110bf993cb7c6a6a