Bug 8165 - transmission new security issue CVE-2012-4037
Summary: transmission new security issue CVE-2012-4037
Status: RESOLVED WONTFIX
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 1
Hardware: i586 Linux
Priority: Normal major
Target Milestone: ---
Assignee: Damien Lallement
QA Contact:
URL: http://lwn.net/Vulnerabilities/517656/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-11-20 16:33 CET by David Walser
Modified: 2012-12-02 14:31 CET (History)
0 users

See Also:
Source RPM: transmission-2.22-1.1.mga1.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2012-11-20 16:33:43 CET 
Ubuntu has issued an advisory on September 26:
http://www.ubuntu.com/usn/usn-1584-1/

We issued an update for this for Mageia 2 on October 29:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0314

The QA team found it is relevant on Mageia 1 as well, but we didn't fix it:
https://bugs.mageia.org/show_bug.cgi?id=7590#c6

You can also find the PoC on the previous bug.
Comment 1 Manuel Hiebel 2012-12-02 14:31:20 CET 
Mageia 1 changed to end-of-life (EOL) status on ''1st December''. Mageia 1 is no 
longer maintained, which means that it will not receive any further security or 
bug fix updates. As a result we are closing this bug. 

If you can reproduce this bug against a currently maintained version of Mageia 
please feel free to click on "Version" change it against that version of Mageia and reopen this bug.

Thank you for reporting this bug and we are sorry it could not be fixed.

--
Mageia Bugsquad

Status: NEW => RESOLVED
Resolution: (none) => WONTFIX
Note You need to log in before you can comment on or make changes to this bug.