[Buildroot] [PATCH] libminiupnpc: add upstream security fix for CVE-2017-8798

Peter Korsgaard peter at korsgaard.com
Sun May 21 22:00:46 UTC 2017


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > CVE-2017-8798: Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221
 > through v2.0 allows remote attackers to cause a denial of service or
 > possibly have unspecified other impact.

 > For more details including a PoC, see:
 > https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list