Hi teams, Steve Manzuik reported me that several security fixes are waiting in our transmission ebuilds. http://transmission.m0k.org/trac/changeset/1534 Boundary errors, i haven't checked if all of them are exploitable, but it seems really non trivial. http://transmission.m0k.org/trac/changeset/1536 Potential integer overflow during the multiplication. Here too, exploitation would be non trivial, if possible. Arches, please test and mark stable a 0.7x version. 0.72 has been in portage without change for 1 month. Or Saleem, do you prefer to stabilize another 0.7x version? Thanks
x86 stable
amd64 done
stable on ppc.
simple DoS, i vote noglsa. Please double-check my analysis (comment #0) and vote too.
Haven't had time to analyse the code snippets, but if it's a simple DoS I would vote NO too.
voting NO.
Closing. Feel free to reopen if the above analysis is not correct.