MGASA-2020-0235 - Updated transmission packages fix security vulnerability

Publication date: 27 May 2020
URL: https://advisories.mageia.org/MGASA-2020-0235.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2018-10756

Updated transmission packages fix security vulnerability:

Use-after-free in libtransmission/variant.c in Transmission
before 3.00 allows remote attackers to cause a denial of service
(crash) or possibly execute arbitrary code via a crafted torrent
file (CVE-2018-10756).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26656
- https://github.com/transmission/transmission/commit/2123adf8e5e1c2b48791f9d22fc8c747e974180e
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10756

SRPMS:
- 7/core/transmission-2.94-4.1.mga7