Bryan Burns of Juniper networks found 2 security vulnerabilities in KTorrent. These have now been fixed in the 2.1.2 release.

This is just 2.1.1 with these 2 fixes. It would be advisable to upgrade.

Where can I find these 2 libraries:

rpm -i ktorrent-2.1-0.1mdv2007.0.i586.rpm
warning: ktorrent-2.1-0.1mdv2007.0.i586.rpm: Header V3 DSA signature: NOKEY, key ID 3b81a74f
error: Failed dependencies:
libktorrent0 = 2.1 is needed by ktorrent-2.1-0.1mdv2007.0.i586
libktorrent-2.1.so is needed by ktorrent-2.1-0.1mdv2007.0.i586

This means that I need:
libktorrent0 and libktorrent-2.1.so, but I can't find them.

It seems Mandriva is making separate packages for libktorrent and ktorrent application. Is it not in Mandriva repository or maybe you downloaded single RPM from somewhere?

Could you please elaborate on what were the problems in these vulnerabilities and what possible impact they might have?

Thanks,

Markus

We probably could, but seeing that there are many people still using old version maybe we should not leave such information in public leaving bad guys all needed information for exploit. That's my opinion though.

Ey Ivane, jel imas ti te biblioteke negde, ili znas gde bi mogle da se nadju. rpm sam skinuo sa ovog sajta tako da ili predlazi neku staru verziju ili da nadjem ovo.