Bug 456822 (CVE-2012-6129) - <net-p2p/transmission-2.77: Stack-based buffer overflow (DoS) when processing acknowledgements (CVE-2012-6129)
Status: RESOLVED FIXED
Alias: CVE-2012-6129
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [noglsa]
Keywords:
Duplicates: 459140
Depends on:
Blocks:
 
Reported: 2013-02-11 18:10 UTC by Agostino Sarubbo
Modified: 2013-08-22 10:48 UTC

See Also:
Package list:
Runtime testing required: ---


Description Agostino Sarubbo gentoo-dev 2013-02-11 18:10:17 UTC
From ${URL} :

A stack-based buffer overflow flaw was found in the way Transmission, a free, lightweight
BitTorrent client, performed connection acknowledgements processing. A remote attacker could issue
a specially-crafted request that, when processed, would lead to a transmission-daemon crash.

Upstream ticket:
[1] https://trac.transmissionbt.com/ticket/5002

Source of the problem:
[2] https://trac.transmissionbt.com/ticket/5002#comment:22

Libutp patches:
[3] https://github.com/bittorrent/libutp/issues/38
[4] https://github.com/bittorrent/libutp/issues/37

Relevant transmission upstream patch:
[5] https://trac.transmissionbt.com/changeset/13646

Other references:
[6] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700234
[7] http://www.openwall.com/lists/oss-security/2013/02/10/2
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2013-02-25 16:33:51 UTC
*** Bug 459140 has been marked as a duplicate of this bug. ***
Comment 2 Samuli Suominen (RETIRED) gentoo-dev 2013-02-26 06:52:42 UTC
jer@ What made you put <2.74 to $summary? It's version 2.77 which should fix this, not the 2.76 which is already in Portage.
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2013-02-26 14:35:47 UTC
Because https://trac.transmissionbt.com/ticket/5002 (comments 32-4) says it was noticed in 2.61 and fixed in 2.74. Please correct me if I'm wrong.
Comment 4 jospezial 2013-02-26 16:20:12 UTC
In https://bugs.gentoo.org/show_bug.cgi?id=459140 I wrote 2.77 is released.
Why don't you let it in the tree then you can throw the buggy versions away and all is fine.
Perhaps 2.77 should get the stable flag.
Comment 5 Samuli Suominen (RETIRED) gentoo-dev 2013-02-26 17:44:40 UTC
@jer okay, thanks for clarifying

since current stable is .73 we can use this bug to stabilize .77 which is now in portage

please test and stabilize:

=net-p2p/transmission-2.77
Comment 6 Sergey Popov gentoo-dev 2013-02-27 01:33:56 UTC
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2013-02-27 18:53:49 UTC
x86 stable
Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2013-02-27 21:34:34 UTC
...
Comment 9 Agostino Sarubbo gentoo-dev 2013-02-27 22:34:58 UTC
(In reply to comment #8)
> ...

I don't know what your three points mean. The rule is:

"<" "$package" "-" "$version" where $version is the first unaffected version in the main tree. Where do you see the 2.74 in the tree?

Keywords for net-p2p/transmission:
        |                           | u   |  
        | a a             p     s   | n   |  
        | l m   h i m m   p s   p   | u s | r
        | p d a p a 6 i p c 3   a x | s l | e
        | h 6 r p 6 8 p p 6 9 s r 8 | e o | p
        | a 4 m a 4 k s c 4 0 h c 6 | d t | o
--------+---------------------------+-----+-------
   2.73 | o + ~ o o o o + + o o o + | o 0 | gentoo
   2.76 | o ~ ~ o o o o ~ ~ o o o ~ | #   | gentoo
[I]2.77 | o + ~ o o o o ~ ~ o o o + | o   | gentoo

If you don't know please don't touch.
Comment 10 Jeroen Roovers (RETIRED) gentoo-dev 2013-02-28 02:50:04 UTC
OK, I'll apply your rule then...
Comment 11 Samuli Suominen (RETIRED) gentoo-dev 2013-02-28 07:54:02 UTC
Agostino, Jeroen: If you look at history of bug 457792 where 0.100.1 is still in tree but not meant to be stabilized and 0.100.2 is the stabilization target. Both are fixed for the security bug. It seems you guys, at least Agostino, are conflicting the very same policies referred here.
Anyway, this is offtopic in this bug, but please fix the policy.
Comment 12 Agostino Sarubbo gentoo-dev 2013-02-28 09:13:35 UTC
(In reply to comment #10)
> OK, I'll apply your rule then...

I guess it was obvious that is the first stable unaffected.
Comment 13 Agostino Sarubbo gentoo-dev 2013-02-28 10:09:58 UTC
ppc stable
Comment 14 Agostino Sarubbo gentoo-dev 2013-02-28 10:13:58 UTC
ppc64 stable
Comment 15 Sean Amoss (RETIRED) gentoo-dev Security 2013-02-28 10:50:32 UTC
Thank you all for adding 6 extra useless emails to my inbox. Now, please stop modifying this bug unless you are in the "Assigned to" field above. 

GLSA vote: no.
Comment 16 GLSAMaker/CVETool Bot gentoo-dev 2013-04-11 17:02:13 UTC
CVE-2012-6129 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6129):
  Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission
  before 2.74 and possibly other products, allows remote attackers to cause a
  denial of service (crash) and possibly execute arbitrary code via crafted
  "micro transport protocol packets."
Comment 17 Sergey Popov gentoo-dev 2013-08-22 10:48:23 UTC
GLSA vote: no

Closing as noglsa