Red Hat Bugzilla – Bug 592012
CVE-2010-1512 aria2: improper sanitization of metalink attribute for downloading files
Last modified: 2012-07-17 12:35:17 EDT
Secunia Research reported  a flaw in aria2. From their advisory:
Secunia Research has discovered a vulnerability in aria2, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the application not properly
sanitising the "name" attribute of the "file" element of metalink
files before using it to download files. If a user is tricked into
downloading from a specially crafted metalink file, this can be
exploited to download files to directories outside of the intended
download directory via directory traversal attacks.
Version 1.9.3 is indicated as being fixed, via changeset 2097 .
This issue has been given the name CVE-2010-1512.
Created aria2 tracking bugs for this issue
Affects: fedora-all [bug 592014]
aria2-1.9.3-1.fc13 has been submitted as an update for Fedora 13.
aria2-1.9.3-1.fc12 has been submitted as an update for Fedora 12.
aria2-1.9.3-1.fc11 has been submitted as an update for Fedora 11.
aria2-1.9.3-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
aria2-1.9.3-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
aria2-1.9.3-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.