Back to minissdpd PTS page

Accepted minissdpd 1.2.20130907-3+deb8u1 (source) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 24 Oct 2016 22:46:46 +0100
Source: minissdpd
Binary: minissdpd
Architecture: source
Version: 1.2.20130907-3+deb8u1
Distribution: jessie
Urgency: high
Maintainer: Thomas Goirand <zigo@debian.org>
Changed-By: James Cowgill <jcowgill@debian.org>
Description:
 minissdpd  - keep memory of all UPnP devices that announced themselves
Closes: 816759
Changes:
 minissdpd (1.2.20130907-3+deb8u1) jessie; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2016-3178 and CVE-2016-3179. (Closes: #816759)
     The minissdpd daemon contains a improper validation of array index
     vulnerability (CWE-129) when processing requests sent to the Unix
     socket at /var/run/minissdpd.sock the Unix socket can be accessed
     by an unprivileged user to send invalid request causes an
     out-of-bounds memory access that crashes the minissdpd daemon.
Checksums-Sha1:
 1d4e123c34c7e3d23a1d61ead86f4be2dcfd4ecd 1912 minissdpd_1.2.20130907-3+deb8u1.dsc
 515c45758c0e8220012c8687a60fefd1526ae7eb 6440 minissdpd_1.2.20130907-3+deb8u1.debian.tar.xz
Checksums-Sha256:
 2104bb177beee002212ea9fac5eafb848b666bdcda10b1cf6833e30dba395b41 1912 minissdpd_1.2.20130907-3+deb8u1.dsc
 7fb1982fcb81b2d4eb62b1fff2ad43bdc24e52a59a5e8d743d966630d00e61db 6440 minissdpd_1.2.20130907-3+deb8u1.debian.tar.xz
Files:
 bafcb48b4c6d0f6bc69716a2aabc7ee0 1912 net optional minissdpd_1.2.20130907-3+deb8u1.dsc
 134860e3a3a12933aa9f2198ab666098 6440 net optional minissdpd_1.2.20130907-3+deb8u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYGK9vAAoJEMfxZ23qLQHvw50QAIJOvs9LdZJnXS4scrWyxQft
Lc8EO1M6OszA6GVB1GuQdZb0YQNFBIB5Pi2Lnqw6TI3Rv40SFrSfRy876fPGk+TS
5aR1ChzksDcDWsuFje2QYVdxhkZ4w5j6v9iIYrUpmXwuY7oa5+5f6VF1O4gxGVVT
oWwJGw0HRAKyY2M8qwa0tZIcE7JeNBrv7/qjM+2IJDdwclMPGGjy/RE8yKGz7DyK
YfQ11Z0uIELwT7tnHZq9LF61w1BpUIV3Iibs3TgLdmtJTJdjoxqcBf2yAO6T8aCa
yA/P8uPNNmgFvxaC2tn3cfwzmmnep+15Gl6aBcDAdEw/R0kZ4CAAyfxl9ScLuVg6
fhsVGcH48AcdLQDod0XRQKFMKQMj1mnSe2b2P3eqIZHWw9r4cpe3MmMc0RGACSVF
oGfvX5ANF6xylg+23mnvF6PhOkjEkQ6NVTS39j7ycBajwTnXyUA0AYtAq2vBfHJH
hsRiC7ZiEmmlvKDKexySUlPu9YmfwGeewDBNCJXTnDDMlUOqtiPPEClvtQYaSDCk
s/csE+7ceIXIH0lAb9yh8usA/d3XX4NzFamw4TSeyPXXctFYgDz+HhvjM4HF9Tak
OT131qfyKIaLPwFMkDk6c7T0GwxIduLd/RKRPwt3oQXBqaKEmKDBagEjVRkO78OO
T4ZVSaD34S+C9Tlfedch
=nQVr
-----END PGP SIGNATURE-----