| Age | Commit message (Collapse) | Author |
|---|
|
Some dependency sources were downloaded via http, even though https (SSL/TLS) options are available.
Even if we potentially check the integrity of the downloaded files via hash comparison, we should make
use of this additional security layer.
bdb.mk
fontconfig.mk
freetype.mk
libX11.mk
libXau.mk
libXext.mk
libxcb.mk
native_cctools.mk
native_cdrkit.mk
xcb_proto.mk
xextproto.mk
xproto.mk
xtrans.mk
zlib.mk
miniupnp was switched to official project mirror with SSL support
|
|
|
|
|
|
|
|
|
|
|
|
2016/01/24:
Change miniwget to return HTTP status code
Increments API_VERSION to 16
2016/01/22:
Improve UPNPIGD_IsConnected() to check if WAN address is not private.
Parse HTTP response status line in miniwget.c
|
|
|
|
|
|
This version of miniupnpc fixes a buffer overflow in the XML (ugh)
parser during initial network discovery.
http://talosintel.com/reports/TALOS-2015-0035/
The commit fixing the vulnerability is:
https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
Reported by timothy on IRC.
|
|
|
|
|
|
|
|
This is the forward-port of a9c6eef915ee264ccf4169d5e8769a6be1fa101a
|
|
See the README's in depends for documentation
|
