projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e6213e8) | patch
libminiupnpc: add upstream security fix for CVE-2017-8798
authorPeter Korsgaard <peter@korsgaard.com>
Fri, 19 May 2017 13:48:02 +0000 (15:48 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Sun, 21 May 2017 22:00:13 +0000 (00:00 +0200)
commita0c4cf0f9698ed109b97cb1e33f4070f505e3988
treeeb68cfe8419f2b2b58352092abc2fb20fad192betree
parente6213e8ee68cbb637997ff02abe7945ec1cc168ccommit | diff
libminiupnpc: add upstream security fix for CVE-2017-8798

CVE-2017-8798: Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221
through v2.0 allows remote attackers to cause a denial of service or
possibly have unspecified other impact.

For more details including a PoC, see:
https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/libminiupnpc/0001-miniupnpc-Fix-CVE-2017-8798.patch [new file with mode: 0644] blob