Debian 10228 Published by

Updated libtorrent-rasterbar packages has been released for Debian 7 LTS



Package : libtorrent-rasterbar
Version : 0.15.10-1+deb7u1
CVE ID : CVE-2016-5301
Debian Bug : 826380


A specially crafted HTTP response from a tracker (or potentially a UPnP
broadcast) can crash libtorrent in the parse_chunk_header() function.
Although this function is not present in this version, upstream's
additional sanity checks were added to abort the program if necessary
instead of crashing it.

For Debian 7 "Wheezy", these problems have been fixed in version
0.15.10-1+deb7u1.

We recommend that you upgrade your libtorrent-rasterbar packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS