Bug 8165

Summary: transmission new security issue CVE-2012-4037
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Damien Lallement <mageia>
Status: RESOLVED WONTFIX QA Contact:
Severity: major    
Priority: Normal    
Version: 1   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/517656/
Whiteboard:
Source RPM: transmission-2.22-1.1.mga1.src.rpm CVE:
Status comment:

Description David Walser 2012-11-20 16:33:43 CET 
Ubuntu has issued an advisory on September 26:
http://www.ubuntu.com/usn/usn-1584-1/

We issued an update for this for Mageia 2 on October 29:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0314

The QA team found it is relevant on Mageia 1 as well, but we didn't fix it:
https://bugs.mageia.org/show_bug.cgi?id=7590#c6

You can also find the PoC on the previous bug.
Comment 1 Manuel Hiebel 2012-12-02 14:31:20 CET 
Mageia 1 changed to end-of-life (EOL) status on ''1st December''. Mageia 1 is no 
longer maintained, which means that it will not receive any further security or 
bug fix updates. As a result we are closing this bug. 

If you can reproduce this bug against a currently maintained version of Mageia 
please feel free to click on "Version" change it against that version of Mageia and reopen this bug.

Thank you for reporting this bug and we are sorry it could not be fixed.

--
Mageia Bugsquad

Status: NEW => RESOLVED
Resolution: (none) => WONTFIX