[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1246-1] transmission security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : transmission
Version        : 2.52-3+nmu3
CVE ID         : CVE-2018-5702
Debian Bug     : 886990

Tavis Ormandy discovered a vulnerability in the Transmission BitTorrent
client; insecure RPC handling between the Transmission daemon and the
client interface(s) may result in the execution of arbitrary code if a
user visits a malicious website while Transmission is running.

For Debian 7 "Wheezy", these problems have been fixed in version
2.52-3+nmu3.

We recommend that you upgrade your transmission packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlphJQAACgkQnUbEiOQ2
gwKiqw/+Jya2f3vZ0avveAG4hUWnK1kYAqTRG+msYpt5P16E/egk8D2v3vZcGvn8
M16TSnsGjN60LU3AB9cYAutltlZrjKYgz/dvCiFoyJ1usNyqhGKiHB/30MrDgAuU
tHXJocOZleAaebVVoaWf1uYni2A6ZKfD7njXcN5d84U2QPhfgKIcjtWSrmRHvwox
Vt7Q/NZhTXtmKoRbc9p9kjXINsGqeW/ZN1Ks7cCdNmthDd4Dd78vCvgSfLNhvHdV
h8MQZ5T7xXgDjLX1Jq9VH1XrxJtKyVBGUWAdPGYNmy832XWT8JBBxoPt2ktbFrMy
yCqjKe1t/RFfgQfFenIpz2kkESBjjjERzMontvI0c9bngazHUdVWexCtt9BGJQwO
Vqh5wxfJG7h/7M2urpRkr88H/WGHZN51UYrOzlmmk+wdJXpKQ64ZW0vEGnLA7+rN
5CquyIeby+ePgcnTa84p/FuL7mTplqGMEDuRHR/Jkr5W1h+cs1aqUz2XHD/ZmTZw
dnDD1TKW9p1JXDZw8itphdSWFsC4mqzglcGtKvm5JKkgNGoIJvzRQYtjDdpAkP8/
5tIEcJijMVSF+hqryxODmnLHNdx7Quo5d6WH3HP7t/op4hwdcnE0LHNNyUstdhKj
SpJXXVeX0LLw+04KuQvvHkw235wszwg426gFx9jmkxvaEP3HDKU=
=nzBD
-----END PGP SIGNATURE-----
Reply to: