2016-03-15
ALT-BU-2016-2641-1
Branch p7 update bulletin.
Package transmission updated to version 2.92-alt0.M70P.1.1 for branch p7 in task 161237.
Closed vulnerabilities
Published: 2014-07-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-4909
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
Severity: MEDIUM (6.8)
References:
- http://inertiawar.com/submission.go
- http://inertiawar.com/submission.go
- FEDORA-2014-8331
- FEDORA-2014-8331
- openSUSE-SU-2014:0980
- openSUSE-SU-2014:0980
- 59897
- 59897
- 60108
- 60108
- 60527
- 60527
- DSA-2988
- DSA-2988
- [oss-security] 20140710 CVE request: transmission peer communication vulnerability
- [oss-security] 20140710 CVE request: transmission peer communication vulnerability
- [oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability
- [oss-security] 20140711 Re: CVE request: transmission peer communication vulnerability
- 108997
- 108997
- 68487
- 68487
- USN-2279-1
- USN-2279-1
- https://bugs.gentoo.org/show_bug.cgi?id=516822
- https://bugs.gentoo.org/show_bug.cgi?id=516822
- https://bugzilla.redhat.com/show_bug.cgi?id=1118290
- https://bugzilla.redhat.com/show_bug.cgi?id=1118290
- https://trac.transmissionbt.com/wiki/Changes#version-2.84
- https://trac.transmissionbt.com/wiki/Changes#version-2.84
- https://twitter.com/benhawkes/statuses/484378151959539712
- https://twitter.com/benhawkes/statuses/484378151959539712
Closed bugs
Не создаётся лог файл
Downloads/ is not accessible for anyone because the containing dir is not traversable
Неверная подсказка в /etc/init.d/transmission-daemon
Closed bugs
`samba-tool domain provision' опять взрывается