{"id":"MGASA-2015-0428","summary":"Updated libtorrent-rasterbar packages fixes security vulnerability","details":"The lazy_bdecode function in BitTorrent DHT bootstrap server\n(bootstrap-dht ) allows remote attackers to execute arbitrary code via a\ncrafted packet, related to \"improper indexing.\" Note while this CVE was\nreported against BitTorrent DHT Bootstrapt server, the same vulnerable\ncode is available in libtorrent-rasterbar (CVE-2015-5685).\n","modified":"2026-01-31T06:32:37.442823Z","published":"2015-11-05T22:46:03Z","related":["CVE-2015-5685"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0428.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=16795"},{"type":"REPORT","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797046"}],"affected":[{"package":{"name":"libtorrent-rasterbar","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libtorrent-rasterbar?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.16.18-1.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0428.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}