diff options
| author | Wladimir J. van der Laan <laanwj@gmail.com> | 2015-10-09 13:16:44 +0200 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2015-10-09 14:56:22 +0200 |
| commit | b4ad73f706196272589451ce3d223f3df029eea1 (patch) | |
| tree | 18a773d2bd5773a37ed0f7a0c55b7547af8d63ee | |
| parent | 71cc9d9fe829efd9c9b012c4cd1ece1d988b4869 (diff) | |
| download | bitcoin-b4ad73f706196272589451ce3d223f3df029eea1.tar.xz | |
Update miniupnpc to 1.9.20151008
This version of miniupnpc fixes a buffer overflow in the XML (ugh)
parser during initial network discovery.
http://talosintel.com/reports/TALOS-2015-0035/
The commit fixing the vulnerability is:
https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
Reported by timothy on IRC.
Github-Pull: 6789
Rebased-From: 0cca0248f030ea32bd8de778b5a2782e0d191978
| -rw-r--r-- | depends/packages/miniupnpc.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/depends/packages/miniupnpc.mk b/depends/packages/miniupnpc.mk index 00101f1b91..77bae10c79 100644 --- a/depends/packages/miniupnpc.mk +++ b/depends/packages/miniupnpc.mk @@ -1,8 +1,8 @@ package=miniupnpc -$(package)_version=1.9.20140701 +$(package)_version=1.9.20151008 $(package)_download_path=http://miniupnp.free.fr/files $(package)_file_name=$(package)-$($(package)_version).tar.gz -$(package)_sha256_hash=26f3985bad7768b8483b793448ae49414cdc4451d0ec83e7c1944367e15f9f07 +$(package)_sha256_hash=e444ac3b587ce82709c4d0cfca1fe71f44f9fc433e9f946b12b9e1bfe667a633 define $(package)_set_vars $(package)_build_opts=CC="$($(package)_cc)" |