Date: Tue, 12 Feb 2013 17:09:51 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Jan Lieskovsky <jlieskov@...hat.com>, Josselin Mouette <joss@...ian.org> Subject: Re: CVE request: Transmission can be made to crash remotely -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/11/2013 06:47 AM, Jan Lieskovsky wrote: > Hello Yves-Alexis, > > to follow up on this one. The source of the issue seems to be > underlying libutp code:  > https://trac.transmissionbt.com/ticket/5002#comment:22 > > more specifically the way how libutp (previously) handled selective > acknowledgements, which resulted in following two (libutp) > patches:  https://github.com/bittorrent/libutp/issues/38  > https://github.com/bittorrent/libutp/issues/37 > > Transmission upstream corrected this issue in v2.74:  > https://trac.transmissionbt.com/query?milestone=2.74&group=component&order=severity > > with the following patch:  > https://trac.transmissionbt.com/changeset/13646 > > Ad assigning CVE ids - I think one CVE id is enough. The problem is > in libutp code, and Transmission upstream seems to commit their own > change only due to libutp (un)responsiveness:  > https://trac.transmissionbt.com/ticket/5002#comment:32 > > Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat > Security Response Team > > P.S.: All the links from above at one place are at:  > https://bugzilla.redhat.com/show_bug.cgi?id=909934 > > ----- Original Message ----- On dim., 2013-02-10 at 11:50 +0100, > Josselin Mouette wrote: >> Package: transmission-daemon Version: 2.52-3 Severity: grave >> Tags: security patch upstream Justification: user security hole >> >> The transmission-daemon package in wheezy crashes regularly. >> According to upstream this is a remote security hole (at least a >> remote DoS, but most probably there is a way to take control of >> the process). >> >> https://trac.transmissionbt.com/ticket/5044 >> https://trac.transmissionbt.com/ticket/5002 >> >> Apparently there is no CVE assigned. The bug is fixed upstream >> and I’m attaching the patch. I’m currently testing a patched >> package, and will report whether the fix is sufficient. >> >> Could a CVE be assigned for this? >> >> Thanks in advance, -- Yves-Alexis Please use CVE-2012-6129 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRGtnOAAoJEBYNRVNeJnmTt20P/39GwILNRCBJUhOR/CYtypJB 5ORIowSXw4tJ0/MqlgTac3wcFfeM9X1GGxsYvfDBc1xVsXdchPBUsccZh5NnzVXQ bzuQCJFfRg3K4IEcxdyC4jYPxuKCGyk/KN0AZSjer122kXcskMnd2VGPOrgwgq9n F22j+2rXk9D5YoXAKpQituzJV0+hy9D209rVRyQ/CIEmq7FxNyPsN48x+liBfmwu XqXmIKPR0XtgK72obIBTiUmQO2C+maptpRBlkqUKHSL+mE+D0mLdAb+BzzU65/Iq s3ktGniPYuW9lm1QvDSfmWACevT48RHoLEYrOEzxAO47v3NGr0jKOdXwNNK1GvPV r9MDaPnVee27jpHORhDMPLBnRSWWwGJP51sSZCJtne3RFjeORfiwulk2umkL+27i L6023aEgur6UwmTtkrpAqLGz7RT8l0r/h1dVB3q4CeaEyAlJyrHggy/Mey1bpqVC Tz4J6IHxU/SbHPFcBLFG9xpqmfhUDG4jdUP/dSRMeF5LsizLORkKtyhrl+SMLClW dVcWCJrj1QQOmXrxdpI6W0U6rCnOsJ/UAE1hbxFyFvOeDv7JaF4xmnsuF7OGHTj9 SVegAoQO+fWllQHHRvhtl/I1Ga7MG5qJOI6V0oumyGp4mO+I2j2y3kPAFcblGSfp wk/1pgPxBMi92k7KPx0+ =ZqrS -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ