Merge #15993: net: Drop support of the insecure miniUPnPc versions

59cb722fd050393a69f1e0df97d857c893d19d80 Update configure to reject unsafe miniUPnPc API ver (Hennadii Stepanov) ab2190557ec2757fa48b52855b05561854af49af doc: Add release notes for 15993 (Hennadii Stepanov) 02709e95601c6020a87a6a05ee1d00c13fc38f9b Align formatting with clang-format (Hennadii Stepanov) 91a1b8508358d04685391651aea303ebce1c3d05 Use PACKAGE_NAME in UPnP description (Hennadii Stepanov) 9f76e45b9d6671e2074fb7a3885db703045a791f Drop support of insecure miniUPnPc versions (Hennadii Stepanov) Pull request description: 1. Minimum supported miniUPnPc API version is set to 10: - https://packages.ubuntu.com/xenial/libminiupnpc-dev - https://packages.debian.org/jessie/libminiupnpc-dev Refs: - #6583 - #6789 - #10414 2. The hardcoded "Bitcoin" replaced with `PACKAGE_NAME`: ![Screenshot from 2019-05-06 23-10-29](https://user-images.githubusercontent.com/32963518/57253178-afc60780-7056-11e9-83c9-e85670c58c1e.png) 3. Also style-only commit applied. Pardon: could not reopen my previous PR #15966. ACKs for top commit: ryanofsky: utACK 59cb722fd050393a69f1e0df97d857c893d19d80. Changes since last review: adding a new commit which updates configure script to fall back to disabling upnp if version is too old, adding a requested comment explaining static_assert condition, and fixing a spelling (jessy/jessie) Tree-SHA512: 42ed11bc2fb2ec83d5dd58e2383da5444a24fd572707f6cf10b622cb8943e28adfcca4750d06801024c4472625b5ea9279516fbd9d2ccebc9bbaafe1d148e80d
author: Wladimir J. van der Laan <laanwj@gmail.com> 2019-07-29 16:41:54 +0200
committer: Wladimir J. van der Laan <laanwj@gmail.com> 2019-07-29 16:51:36 +0200
commit: b21acab82fe9ccc73b40179b8d3538f5b4cfa73f (patch)
tree: 1d08fe2c6b73bcbfa0cab9e7db07de0cbebbd3ce /doc
parent: 74ea1f3b0f268b0272f8b3548c736dc60f442f78 (diff)
parent: 59cb722fd050393a69f1e0df97d857c893d19d80 (diff)
download: bitcoin-b21acab82fe9ccc73b40179b8d3538f5b4cfa73f.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/release-notes-15993.md b/doc/release-notes-15993.md
new file mode 100644
index 0000000000..493c7126ee
--- /dev/null
+++ b/doc/release-notes-15993.md
@@ -0,0 +1,3 @@
+Build system changes
+--------------------
+The minimum supported miniUPnPc API version is set to 10. This keeps compatibility with Ubuntu 16.04 LTS and Debian 8 `libminiupnpc-dev` packages. Please note, on Debian this package is still vulnerable to [CVE-2017-8798](https://security-tracker.debian.org/tracker/CVE-2017-8798) (in jessie only) and [CVE-2017-1000494](https://security-tracker.debian.org/tracker/CVE-2017-1000494) (both in jessie and in stretch).
author	Wladimir J. van der Laan <laanwj@gmail.com>	2019-07-29 16:41:54 +0200
committer	Wladimir J. van der Laan <laanwj@gmail.com>	2019-07-29 16:51:36 +0200
commit	b21acab82fe9ccc73b40179b8d3538f5b4cfa73f (patch)
tree	1d08fe2c6b73bcbfa0cab9e7db07de0cbebbd3ce /doc
parent	74ea1f3b0f268b0272f8b3548c736dc60f442f78 (diff)
parent	59cb722fd050393a69f1e0df97d857c893d19d80 (diff)
download	bitcoin-b21acab82fe9ccc73b40179b8d3538f5b4cfa73f.tar.xz