Summary: | <net-libs/miniupnpc-1.9.20150427: buffer overflow (CVE-2014-3985) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | bugs+gentoo, mgorny, nikoli, proxy-maint |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2014/04/30/3 | ||
Whiteboard: | B2 [glsa cve cleanup] | ||
Package list: |
=net-libs/miniupnpc-1.9.20151008
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-06-07 16:59:07 UTC
CVE-2014-3985 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3985): The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read. Should be fixed in miniupnpc-1.9.20150424 added to tree now. Please check and mark this bug as resolved. Cannot confirm this was backported to 1.8 which is stable in the tree. https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9 @maintainer, can you confirm this is backported? If not, you can call for the stabilization of patched version and we can proceed to cleanup of the old vulnerable. Thanks. Vulnerability is fixed in every 1.9er release in tree. @ Arches, please test and mark stable: =net-libs/miniupnpc-1.9.20151008 amd64 stable x86 stable arm stable Stable for HPPA PPC64. sparc stable ppc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. New GLSA request filed. This issue was resolved and addressed in GLSA 201701-41 at https://security.gentoo.org/glsa/201701-41 by GLSA coordinator Aaron Bauman (b-man). |