Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3,
1.2.0, and other versions allows remote attackers to cause a denial
of service (crash) and possibly execute arbitrary code via unknown
Can we go stable with aria2-1.5.2?
A vulnerability was now found in 1.5.2 as well. Backporting the patch would be fairly simple (as it's only about removing a single line), but I would suggest following upstream and bumping to 1.6.2 and stabilizing that.
Format string vulnerability in the AbstractCommand::onAbort function
in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is
enabled, allows remote attackers to execute arbitrary code or cause a
denial of service (application crash) via format string specifiers in
a download URI. NOTE: some of these details are obtained from third
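The two logging shapes behind the format string advisory above, as an added C example (not aria2's code; the `log_error` stand-in, the `on_abort_*` names and the sample URI are constructed): the vulnerable call hands the remote-controlled URI to the logger as its format string, while the fixed call uses a literal format and passes the URI as an argument, so percent signs in it are copied rather than interpreted.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for a printf-style logger (constructed here; not aria2's Logger). */
static int log_error(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

/* Vulnerable shape: the remote-controlled URI *is* the format string, so a "%n"
 * or "%s" inside it is interpreted. Kept for contrast; never run on untrusted input. */
static int on_abort_vulnerable(const char *uri, char *out, size_t n)
{
    return log_error(out, n, uri);
}
/* Fixed shape: literal format with the URI as argument; every '%' is copied verbatim. */
static int on_abort_fixed(const char *uri, char *out, size_t n)
{
    return log_error(out, n, "Aborting download: %s", uri);
}

/* Returns 1 if the fixed logger reproduces the URI byte-for-byte. */
static int fixed_preserves_uri(const char *uri)
{
    char buf[512];
    on_abort_fixed(uri, buf, sizeof buf);
    return strncmp(buf, "Aborting download: ", 19) == 0 && strcmp(buf + 19, uri) == 0;
}

/* Counts '%' bytes printf would treat as a conversion start ("%%" is the only
 * harmless form). Percent-encoding makes even benign URIs trip this. */
static int count_percent_conversions(const char *s)
{
    int n = 0;
    for (; *s; s++)
        if (*s == '%' && s[1] == '%') s++;   /* literal "%%": skip the pair */
        else if (*s == '%') n++;
    return n;
}
int main(void)
{
    const char *uri = "http://example.invalid/%20file%n";   /* constructed sample */
    printf("fixed logger intact=%d, conversions in URI=%d\n", fixed_preserves_uri(uri), count_percent_conversions(uri));
    return 0;
}
```

The counter is the review-time check a defender wants at any logging call site: if a URI can carry a single unescaped `%`, it must never be the format argument.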
1.6.3 is in the tree, all tests pass.
(In reply to comment #4)
> 1.6.3 is in the tree, all tests pass.
Thank you. I just noticed 1.6.2 has been in the tree since 11 Oct as well. Do you want 1.6.2 or 1.6.3 to go stable now?
1.6.3 contains more bugfixes, so go for 1.6.3 if possible
Arches, please test and mark stable:
Target keywords : "amd64 x86"
amd64 stable, all arches done.
... and the vulnerable version is gone.
GLSA 201001-06, thanks everyone.