[Bug 196351] net/libutp: backport fix for transmission crash (likely CVE-2012-6129)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Jan 21 19:43:03 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196351
--- Comment #11 from Mikhail T. <mi at ALDAN.algebra.com> ---
Comment on attachment 151065
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=151065
files/patch-CVE-2012-6129
Jan, comparing third-party/libutp, that's bundled with Transmission against our
bittorrent-libutp-7c4f19a, I get exactly the same changes as above EXCEPT for
the following:
--- bittorrent-libutp-7c4f19a/utp_utils.cpp 2013-05-14 19:05:36.000000000
-0400
+++ libutp/utp_utils.cpp 2014-07-01 13:10:47.850913000 -0400
...
-#define UDP_TEREDO_MTU (TEREDO_MTU - IPV6_HEADER_SIZE - UDP_HEADER_SIZE)
+#define UDP_TEREDO_MTU (TEREDO_MTU - UDP_HEADER_SIZE)
It would seem to me, if we are bringing our libutp in line with what its main
(sole?) user expects, we should include all changes. Did you omit the change to
utp_utils.cpp on purpose? Thank you!
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list