Startsida Utforska Hjälp
Logga in
PUBLIC_REPOS
/
buildroot
spegling av git://git.buildroot.net/buildroot
2
1
Fork 0
Filer
Bläddra i källkod

package/libupnp: security bump to version 1.14.6

The server part of pupnp (libupnp) appears to be vulnerable to DNS-rebinding
attacks because it does not check the value of the `Host` header.

Fixes CVE-2021-29462

https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0f23267bc21e6b60d044226e55cb6ee87bc729db)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Jörg Krause 4 år sedan
förälder
dcf8b12ffd
incheckning
053b66cef5
2 ändrade filer med 2 tillägg och 2 borttagningar
Delad Vy Visa Diff Statistik
  1. 1 1
      package/libupnp/libupnp.hash
  2. 1 1
      package/libupnp/libupnp.mk

+ 1 - 1
package/libupnp/libupnp.hash
Visa fil 

@@ -1,3 +1,3 @@
 
 # Locally computed:
 
-sha256  227ffa407be6b91d4e42abee1dd27e4b8d7e5ba8d3d45394cca4e1eadc65149a  libupnp-1.14.5.tar.bz2
 
+sha256  3168f676352e2a6e45afd6ea063721ed674c99f555394903fbd23f7f54f0a503  libupnp-1.14.6.tar.bz2
 
 sha256  c8b99423cad48bb44e2cf52a496361404290865eac259a82da6d1e4331ececb3  COPYING

+ 1 - 1
package/libupnp/libupnp.mk
Visa fil 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-LIBUPNP_VERSION = 1.14.5
 
+LIBUPNP_VERSION = 1.14.6
 
 LIBUPNP_SOURCE = libupnp-$(LIBUPNP_VERSION).tar.bz2
 
 LIBUPNP_SITE = \
 
 	http://downloads.sourceforge.net/project/pupnp/release-$(LIBUPNP_VERSION)