Nom du paquet
libupnp
Date
2013-04-10
Advisory ID
MDVSA-2013:098
Affected versions
MBS1 x86_64

Problem description

Updated libupnp packages fix security vulnerabilities:

The Portable SDK for UPnP Devices libupnp library contains multiple
buffer overflow vulnerabilities. Devices that use libupnp may also
accept UPnP queries over the WAN interface, therefore exposing the
vulnerabilities to the internet (CVE-2012-5958, CVE-2012-5959,
CVE-2012-5960, CVE-2012-5961, CVE-2012-5962, CVE-2012-5963,
CVE-2012-5964, CVE-2012-5965).

Updated packages

MBS1 x86_64

 e1a84a18b2e770dbce77c11d0155a1f9  mbs1/x86_64/lib64ixml2-1.6.15-2.1.mbs1.x86_64.rpm
 e1d530a001d425d49eddc2ec2dc999d5  mbs1/x86_64/lib64threadutil6-1.6.15-2.1.mbs1.x86_64.rpm
 17c487876aaac30cf97b9ff616b90bf7  mbs1/x86_64/lib64upnp6-1.6.15-2.1.mbs1.x86_64.rpm
 685671dfa94ec5145568712ff5d805cd  mbs1/x86_64/lib64upnp-devel-1.6.15-2.1.mbs1.x86_64.rpm 
 2416afd16222310951a75ae68083e38c  mbs1/SRPMS/libupnp-1.6.15-2.1.mbs1.src.rpm

References