diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2015-10-09 13:16:44 +0200 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2015-10-09 14:54:20 +0200 |
commit | 093d7b5895b7dddd98d929fc3851265970b995b7 (patch) | |
tree | acee58f114213ab56886626d9c970ecfc87ababb | |
parent | 1cea6b0dee0b0f10d5f41433e27c70213a4c531f (diff) |
Update miniupnpc to 1.9.20151008
This version of miniupnpc fixes a buffer overflow in the XML (ugh)
parser during initial network discovery.
http://talosintel.com/reports/TALOS-2015-0035/
The commit fixing the vulnerability is:
https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
Reported by timothy on IRC.
Github-Pull: #6789
Rebased-From: 0cca0248f030ea32bd8de778b5a2782e0d191978
-rw-r--r-- | depends/packages/miniupnpc.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/depends/packages/miniupnpc.mk b/depends/packages/miniupnpc.mk index 00101f1b91..77bae10c79 100644 --- a/depends/packages/miniupnpc.mk +++ b/depends/packages/miniupnpc.mk @@ -1,8 +1,8 @@ package=miniupnpc -$(package)_version=1.9.20140701 +$(package)_version=1.9.20151008 $(package)_download_path=http://miniupnp.free.fr/files $(package)_file_name=$(package)-$($(package)_version).tar.gz -$(package)_sha256_hash=26f3985bad7768b8483b793448ae49414cdc4451d0ec83e7c1944367e15f9f07 +$(package)_sha256_hash=e444ac3b587ce82709c4d0cfca1fe71f44f9fc433e9f946b12b9e1bfe667a633 define $(package)_set_vars $(package)_build_opts=CC="$($(package)_cc)" |