{"id":"MGASA-2017-0095","summary":"Updated deluge packages fix security vulnerability","details":"Updated deluge package fixes a CSRF (Cross-site request forgery)\nvulnerability using upstream patch. Cross-Site Request Forgery (CSRF) is\nan attack that forces an end user to execute unwanted actions on a web\napplication in which they're currently authenticated. CSRF attacks\nspecifically target state-changing requests, not theft of data, since the\nattacker has no way to see the response to the forged request.[*]\n","modified":"2026-04-16T04:27:28.667709Z","published":"2017-03-31T06:14:39Z","references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0095.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=20475"},{"type":"WEB","url":"https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429449"}],"affected":[{"package":{"name":"deluge","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/deluge?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.11-1.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0095.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}