Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 10 Feb 2013 13:22:28 +0100
From: Yves-Alexis Perez <>
Cc:, Josselin Mouette <>
Subject: CVE request: Transmission can be made to crash remotely

On dim., 2013-02-10 at 11:50 +0100, Josselin Mouette wrote:
> Package: transmission-daemon
> Version: 2.52-3
> Severity: grave
> Tags: security patch upstream
> Justification: user security hole
> The transmission-daemon package in wheezy crashes regularly. According 
> to upstream this is a remote security hole (at least a remote DoS, but 
> most probably there is a way to take control of the process).
> Apparently there is no CVE assigned. The bug is fixed upstream and I’m 
> attaching the patch. I’m currently testing a patched package, and will 
> report whether the fix is sufficient.
Could a CVE be assigned for this?

Thanks in advance,

Download attachment "signature.asc" of type "application/pgp-signature" (491 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ