MGASA-2016-0234

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0234.html

Import Source

https://advisories.mageia.org/MGASA-2016-0234.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2016-0234

Related

CVE-2016-5301

Published

2016-07-05T15:47:08Z

Modified

2016-07-05T15:35:48Z

Summary

Updated libtorrent-rasterbar packages fix security vulnerability

Details

A specially crafted HTTP response from a tracker (or potentially a UPnP broadcast) can crash libtorrent-rasterbar in the parsechunkheader() function. Although this function is not present in this version, upstream's additional sanity checks were added to abort the program if necessary instead of crashing it (CVE-2016-5301).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / libtorrent-rasterbar

Package

Name: libtorrent-rasterbar
Purl: pkg:rpm/mageia/libtorrent-rasterbar?arch=source&distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.16.18-1.2.mga5

Ecosystem specific

{
    "section": "core"
}