Bug 574527 (CVE-2010-0748, CVE-2010-0749) - CVE-2010-0748 CVE-2010-0749 Transmission: Two security fixes in upstream v1.92 version
Summary: CVE-2010-0748 CVE-2010-0749 Transmission: Two security fixes in upstream v1.9...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2010-0748, CVE-2010-0749
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL: http://trac.transmissionbt.com/wiki/C...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-03-17 18:09 UTC by Jan Lieskovsky
Modified: 2019-09-29 12:35 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-03-22 19:27:08 UTC


Attachments (Terms of Use)

Description Jan Lieskovsky 2010-03-17 18:09:10 UTC
Transmission upstream has recently released latest,
v.1.92 version:
  [1] http://trac.transmissionbt.com/wiki/Changes

addressing two security issues:
  A, Fix potential buffer overflow when adding
     maliciously-crafted magnet links 
  References:
    [2] http://trac.transmissionbt.com/ticket/2965
    [3] http://trac.transmissionbt.com/wiki/Changes
    [4] http://bugs.gentoo.org/show_bug.cgi?id=309831

  Upstream patch:
    [5] http://trac.transmissionbt.com/changeset/10279

  B, Fix possible data corruption issue caused by data
     sent by bad peers during endgame
  References:
    [6] http://trac.transmissionbt.com/ticket/1242
    [7] http://trac.transmissionbt.com/ticket/1242#comment:1
    [8] http://trac.transmissionbt.com/wiki/Changes

  Upstream patch:
    [9] http://trac.transmissionbt.com/changeset/10325

CVE Request:
  [10] http://www.openwall.com/lists/oss-security/2010/03/17/12

Comment 1 Jan Lieskovsky 2010-03-17 18:15:58 UTC
These issues does NOT affect the current versions
of the transmission package, as shipped with Fedora
release of 11 and 12 (both issues has been already
addressed within transmission-1.92-1.fc12 and 
transmission-1.92-1.fc11 version).

Issue A, does NOT affect the version of the transmission
package, as shipped within EPEL5 repository (transmission-1.34
does NOT provide magnet links functionality / support yet).

Issue B, affects the version of the transmission package,
as shipped within EPEL5 repository (transmission-1.34-1.el5).
Though not complete sure this is a security issue (see [10]
for further details), filed this BZ just not to omit
potential security flaw.

Please fix.

Comment 2 Rahul Sundaram 2010-03-18 14:04:48 UTC
I don't maintain the EPEL branches. I am not sure anybody is.  Fedora branches have already been updated. Should I close this?

Comment 3 Josh Bressers 2010-03-22 19:27:08 UTC
I'm closing this, the EPEL branch doesn't seem to be well maintained, we don't plan on chasing it.

Comment 4 Jan Lieskovsky 2010-04-02 10:17:53 UTC
The CVE identifier of CVE-2010-0748 has been assigned for:
  [1] http://trac.transmissionbt.com/ticket/2965

Transmission issue.

The CVE identifier of CVE-2010-0749 has been assigned for:
  [2] http://trac.transmissionbt.com/ticket/1242
  [3] http://trac.transmissionbt.com/ticket/1242#comment:1

Transmission issue.


Note You need to log in before you can comment on or make changes to this bug.