Updated libtorrent-rasterbar packages fix security vulnerability
Publication date: 05 Jul 2016Modification date: 05 Jul 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-5301
Description
A specially crafted HTTP response from a tracker (or potentially a UPnP broadcast) can crash libtorrent-rasterbar in the parse_chunk_header() function. Although this function is not present in this version, upstream's additional sanity checks were added to abort the program if necessary instead of crashing it (CVE-2016-5301).
References
SRPMS
5/core
- libtorrent-rasterbar-0.16.18-1.2.mga5