Transmission 1.92 (2010/03/14)
* Fix potential buffer overflow when adding maliciously-crafted magnet links
And CVE-2010-0749 fixed in this release too. Strange that they are blank at cvs.mitre.org, but filled in other places.
Tested on x86, seems to be ok.
x86 stable, thanks Andreas
ppc done; closing as last arch
Reopening since this is a security bug.
Multiple stack-based buffer overflows in the tr_magnetParse function
in libtransmission/magnet.c in Transmission 1.91 allow remote
attackers to cause a denial of service (crash) or possibly execute
arbitrary code via a crafted magnet URL with a large number of (1) tr
or (2) ws links.
glsa request filed