Ubuntu Security Notice 938-1 - It was discovered that KGet did not properly perform input validation when processing metalink files. If a user were tricked into opening a crafted metalink file, a remote attacker could overwrite files via directory traversal, which could eventually lead to arbitrary code execution.
746315ac5a48a3f82a0b9ef9941e3f39092871f70399e967ebb36f5e00d31a5e