Ubuntu
transmission package

CVE-2018-5702: Mitigate dns rebinding attacks against daemon

Bug #1743473 reported by Etienne Papegnies
262
This bug affects 2 people
Affects Status Importance Assigned to Milestone
transmission (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Tavis Ormandy from Google's Project Zero reported a bug on the transmission security list on November 30th 2017

This is discussed here: https://github.com/transmission/transmission/pull/468

Fix for this issue was pushed to transmission/master, please apply the fix for Ubuntu.

Impact class: remote code execution.

CVE References

Simon Quigley (tsimonq2)
information type: Public → Public Security
Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

https://usn.ubuntu.com/usn/usn-3533-1/

Changed in transmission (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.