UbuntuUpdates.org

Package "miniupnpc"

Name: miniupnpc

Description:

UPnP IGD client lightweight library client
Latest version: 1.6-3ubuntu2.14.04.4
Release: trusty (14.04)
Level: security
Repository: universe
Homepage: http://miniupnp.free.fr/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "miniupnpc"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "miniupnpc" in Trusty

Repository Area Version
base main 1.6-3ubuntu2
base universe 1.6-3ubuntu2
security main 1.6-3ubuntu2.14.04.4
updates main 1.6-3ubuntu2.14.04.4
updates universe 1.6-3ubuntu2.14.04.4

Changelog

Version: 1.6-3ubuntu2.14.04.4 2018-02-08 17:06:58 UTC

  miniupnpc (1.6-3ubuntu2.14.04.4) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple overflows
    - upnpreplyparse.c: properly initialize data structure for SOAP
      parsing.
    - minixml.c: fix heap buffer overflow.
    - CVE-2017-1000494

 -- Marc Deslauriers <email address hidden> Wed, 31 Jan 2018 13:49:17 -0500
Source diff to previous version

Version: 1.6-3ubuntu2.14.04.3 2017-05-24 14:06:45 UTC

  miniupnpc (1.6-3ubuntu2.14.04.3) trusty-security; urgency=medium

  * SECURITY UPDATE: integer signedness error
    - miniwget.c: fix comparisons.
    - https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229
    - CVE-2017-8798
  * SECURITY UPDATE: buffer overflow in simpleUPnPcommand2
    - miniupnpc.c: perform better checking while writing buffer.
    - https://github.com/miniupnp/miniupnp/commit/fb02299fffd62fe8584f26aa69547266488e002e
    - No CVE number

 -- Marc Deslauriers <email address hidden> Fri, 19 May 2017 11:38:20 -0400
Source diff to previous version
CVE-2017-8798 Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspe

Version: 1.6-3ubuntu2.14.04.2 2015-10-20 22:06:48 UTC

  miniupnpc (1.6-3ubuntu2.14.04.2) trusty-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in XML parser (LP: #1506017)
    - igd_desc_parse.c: fix buffer overflow in
    - https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
    - CVE-2015-6031

 -- Steve Beattie Thu, 15 Oct 2015 17:41:05 -0700
Source diff to previous version
1506017 TALOS-2015-0035 (CVE-2015-6031)
CVE-2015-6031 RESERVED

Version: 1.6-3ubuntu2.14.04.1 2014-07-16 16:06:53 UTC

  miniupnpc (1.6-3ubuntu2.14.04.1) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow
    - miniwget.c: properly check length
    - https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9
    - CVE-2014-3985
 -- Marc Deslauriers <email address hidden> Thu, 26 Jun 2014 16:24:09 -0400
CVE-2014-3985 buffer overflow in miniupnpc


About   -   Send Feedback to @ubuntu_updates