libtorrent-rasterbar 1.2.12 and 1.2.13 have been released on Jan 5 and Mar 28: https://github.com/arvidn/libtorrent/releases/tag/v1.2.12 https://github.com/arvidn/libtorrent/releases/tag/v1.2.13 They fix a few security-relevant issues (SSRF and overflows). We should update it for Mageia 8.
Done for mga8!
Advisory: ---------------------------------------- The libtorrent-rasterbar package has been updated to version 1.2.13, fixing various bugs. See the release announcements for details. References: https://github.com/arvidn/libtorrent/releases/tag/v1.2.12 https://github.com/arvidn/libtorrent/releases/tag/v1.2.13 ---------------------------------------- Updated packages in core/updates_testing: ---------------------------------------- libtorrent-rasterbar10-1.2.13-1.mga8 python3-libtorrent-rasterbar-1.2.13-1.mga8 libtorrent-rasterbar-devel-1.2.13-1.mga8 from libtorrent-rasterbar-1.2.13-1.mga8.src.rpm
CC: (none) => geiger.david68210Assignee: geiger.david68210 => qa-bugs
Used "urpmq --whatrequires-recursive" to learn what uses libtorrent-rasterbar, and come up with deluge, a Gtk+ client. So, using a VirtualBox Gnome guest, I installed the 64-bit version of Deluge, which brought in the two non-devel libtorrent-rasterbar rpms as dependencies. Using qarepo, I updated the two non-devel libtorrent-rasterbar rpms, with no installation issues. Using Firefox, I went to https://www.publicdomaintorrents.info/ and selected the torrent for "Attack of the Giant Leeches" and instructed Firefox to open it with Deluge. After my OK, Deluge downloaded the file. I looked at various information windows, and all looked normal to me, though (full disclosure) this was the first time I had used the application. When the file finished downloading Deluge starting seeding it. The downloaded file played normally in a video player. (Not the best movie I've ever seen. Maybe I should have selected "Destroy All Planets...") All perfectly normal, no issues noted. Giving this an OK, and validating. Advisory in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugsWhiteboard: (none) => MGA8-64-OKKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => ouaurelien
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGAA-2021-0126.html
Status: NEW => RESOLVEDResolution: (none) => FIXED