[Buildroot] [PATCH] libminiupnpc: add upstream security fix for CVE-2017-8798
Peter Korsgaard
peter at korsgaard.com
Thu Jun 1 14:07:36 UTC 2017
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> CVE-2017-8798: Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221
> through v2.0 allows remote attackers to cause a denial of service or
> possibly have unspecified other impact.
> For more details including a PoC, see:
> https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list