Security update for qbittorrent
This update to qbittorrent 3.3.11 fixes the security issues and bugs.
The following vulnerabilities were fixed:
- CVE-2017-6504: WebUI did not set the X-Frame-Options header (bsc#1028073)
- CVE-2017-6503: WebUI did not escape many values, allowing for XSS (bsc#1028072)
-
Submitted by
Alexei Sorokin (XRevan86)
Fixed bugs
bnc#1028073
VUL-1: CVE-2017-6504: qBittorrent: WebUI does not set the X-Frame-Options header
bnc#1028072
VUL-0: CVE-2017-6503: qBittorrent: WebUI did not escape many values, allowing for XSS
