Bug#971915: marked as done (buster-pu: package transmission/2.94-2+deb10u2)

[Debian Bug Tracking System]

Your message dated Sat, 05 Dec 2020 11:02:00 +0000
with message-id 
<b70f86aac27195271a9b5212c7acc936da6ff100.ca...@adam-barratt.org.uk>
and subject line Closing bugs for updates in 10.7 point release
has caused the Debian Bug report #971915,
regarding buster-pu: package transmission/2.94-2+deb10u2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
971915: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971915
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: mo...@debian.org

[ Reason ]
Fixes a memory leak when running Transmission in daemon mode.

[ Tests ]
Have been using the package since a few weeks and the user
who reported the leak (running an affected setup) confirmed
that it fixes the leak.

Cheers,
        Moritz

diff -Nru transmission-2.94/debian/changelog transmission-2.94/debian/changelog
--- transmission-2.94/debian/changelog  2020-05-29 00:05:53.000000000 +0200
+++ transmission-2.94/debian/changelog  2020-08-31 20:43:20.000000000 +0200
@@ -1,3 +1,9 @@
+transmission (2.94-2+deb10u2) buster; urgency=medium
+
+  * Fix mem leak (Closes: #968097)
+
+ -- Moritz Mühlenhoff <j...@debian.org>  Mon, 31 Aug 2020 20:43:20 +0200
+
 transmission (2.94-2+deb10u1) buster; urgency=medium
 
   * CVE-2018-10756 (Closes: #961461)
diff -Nru transmission-2.94/debian/patches/CVE-2018-10756-2.patch 
transmission-2.94/debian/patches/CVE-2018-10756-2.patch
--- transmission-2.94/debian/patches/CVE-2018-10756-2.patch     1970-01-01 
01:00:00.000000000 +0100
+++ transmission-2.94/debian/patches/CVE-2018-10756-2.patch     2020-08-31 
20:43:15.000000000 +0200
@@ -0,0 +1,16 @@
+Fixes mem leak introduced in backport for CVE-2018-10756
+
+--- transmission-2.94.orig/libtransmission/variant.c
++++ transmission-2.94/libtransmission/variant.c
+@@ -873,7 +873,10 @@ static void
+ nodeDestruct (struct SaveNode * node)
+ {
+   if (node->v == node->sorted)
+-    tr_free (node->sorted->val.l.vals);
++    {
++      tr_free (node->sorted->val.l.vals);
++      tr_free (node->sorted);
++    }
+ }
+ 
+ /**
diff -Nru transmission-2.94/debian/patches/series 
transmission-2.94/debian/patches/series
--- transmission-2.94/debian/patches/series     2020-05-29 00:05:53.000000000 
+0200
+++ transmission-2.94/debian/patches/series     2020-08-31 20:42:50.000000000 
+0200
@@ -5,3 +5,4 @@
 ayatana-indicators.patch
 patch-vendored-libdht.patch
 CVE-2018-10756.patch
+CVE-2018-10756-2.patch

--- End Message ---

--- Begin Message ---

Package: release.debian.org
Version: 10.7

Hi,

Each of the updates referenced by these bugs was included in this
morning's buster 10.7 point release.

Regards,

Adam

--- End Message ---