File _patchinfo of Package patchinfo.6522

<patchinfo incident="6522">
  <issue id="1028073" tracker="bnc">VUL-1: CVE-2017-6504: qBittorrent: WebUI does not set the X-Frame-Options header</issue>
  <issue id="1028072" tracker="bnc">VUL-0: CVE-2017-6503: qBittorrent: WebUI did not escape many values, allowing for XSS</issue>
  <issue tracker="cve" id="2017-6503" />
  <issue tracker="cve" id="2017-6504" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>XRevan86</packager>
  <description>This update to qbittorrent 3.3.11 fixes the security issues and bugs.

The following vulnerabilities were fixed:

- CVE-2017-6504: WebUI did not set the X-Frame-Options header (bsc#1028073)
- CVE-2017-6503: WebUI did not escape many values, allowing for XSS (bsc#1028072)
</description>
  <summary>Security update for qbittorrent</summary>
</patchinfo>
openSUSE Build Service is sponsored by