Transmission upstream has recently released latest,
addressing two security issues:
A, Fix potential buffer overflow when adding
maliciously-crafted magnet links
B, Fix possible data corruption issue caused by data
sent by bad peers during endgame
These issues does NOT affect the current versions
of the transmission package, as shipped with Fedora
release of 11 and 12 (both issues has been already
addressed within transmission-1.92-1.fc12 and
Issue A, does NOT affect the version of the transmission
package, as shipped within EPEL5 repository (transmission-1.34
does NOT provide magnet links functionality / support yet).
Issue B, affects the version of the transmission package,
as shipped within EPEL5 repository (transmission-1.34-1.el5).
Though not complete sure this is a security issue (see 
for further details), filed this BZ just not to omit
potential security flaw.
I don't maintain the EPEL branches. I am not sure anybody is. Fedora branches have already been updated. Should I close this?
I'm closing this, the EPEL branch doesn't seem to be well maintained, we don't plan on chasing it.
The CVE identifier of CVE-2010-0748 has been assigned for:
The CVE identifier of CVE-2010-0749 has been assigned for: