-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ----------------------------------------------------------------------- Debian LTS Advisory DLA-2305-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 01, 2020 https://wiki.debian.org/LTS - -----------------------------------------------------------------------
Package : transmission Version : 2.92-2+deb9u2 CVE ID : CVE-2018-10756 Debian Bug : 961461 Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file. For Debian 9 stretch, this problem has been fixed in version 2.92-2+deb9u2. We recommend that you upgrade your transmission packages. For the detailed security status of transmission please refer to its security tracker page at: https://security-tracker.debian.org/tracker/transmission Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Best, Utkarsh -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl8lrwcACgkQgj6WdgbD S5ZNXBAAgNj1Qbac2kci815NaiwXiZmxD/+eCBxUHHPzIQNVthWDkzvbGVgE6Erl q367YNLSZUn0qwn9yeQmsZs1uuWliv8zPL6r8CB7hUGJkIv0ijJx9uMQoTVftrV9 jeCzT00tdK9Ri5K91tHlCa0CviTiev0lma1/LxufokKZvAKCxuAOEcbQ0CO5UM9Z YIirhYe7nJJ+FHKzHY8RbvAvc1tturHllAsgFxBZtzxw9db2KVzi7qmzk0SG8EEA x6TEksfYzEwz45wQQBqs/ZGOmqWwbMWbUjlA+pBv2WW79wolv6MysofxqvMFWWF9 9POt9HWUFahRdjuWpcZITVZZj54IxYLAli4xmdsozHXAt704VaCt+t/D9QYZLiSX JJndlRqWv/Gh2BOCDc2mMIlbWevyPrKeGCViyLW3yzowpq/9yuLheWZQh2PL4n3Z k4JjOUGhUQfncOAmnCrfZrxKlhDiLhm548GL2IrvyNVEoIXLzLXJblWCqniTEpYZ 3ctT+etrjnznT4wqO6ynm7sQmF+NHhajEIZqiavVL571bQ+kz72lfM4WGJhVMiUt KPkRgfyDCAG7TYhMaQVm0X67SEbiYq+cbjYdPsFh/e6IiYhZUcnyViopC8MtabpX XiUCzCOcnRpdxdXg2Fl/QKibSKbfSzC0I9wo6BgzmQ3yXmRvuFk= =lyhd -----END PGP SIGNATURE-----
