Control: retitle 700234 transmission-daemon: CVE-2012-6129: Transmission can be made to crash remotely
Hi On Sun, Feb 10, 2013 at 01:22:28PM +0100, Yves-Alexis Perez wrote: > On dim., 2013-02-10 at 11:50 +0100, Josselin Mouette wrote: > > Package: transmission-daemon > > Version: 2.52-3 > > Severity: grave > > Tags: security patch upstream > > Justification: user security hole > > > > The transmission-daemon package in wheezy crashes regularly. According > > to upstream this is a remote security hole (at least a remote DoS, but > > most probably there is a way to take control of the process). > > > > https://trac.transmissionbt.com/ticket/5044 > > https://trac.transmissionbt.com/ticket/5002 > > > > Apparently there is no CVE assigned. The bug is fixed upstream and I???m > > attaching the patch. I???m currently testing a patched package, and will > > report whether the fix is sufficient. > > > Could a CVE be assigned for this? A CVE was assigned to this now: CVE-2012-6129. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
