From ${URL} : It was pointed out in https://bugzilla.redhat.com/show_bug.cgi?id=1085618 that miniupnpc version 1.9 fixes a possible buffer overflow: https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE-2014-3985 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3985): The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read.
Should be fixed in miniupnpc-1.9.20150424 added to tree now. Please check and mark this bug as resolved.
Cannot confirm this was backported to 1.8 which is stable in the tree. https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9 @maintainer, can you confirm this is backported? If not, you can call for the stabilization of patched version and we can proceed to cleanup of the old vulnerable. Thanks.
Vulnerability is fixed in every 1.9er release in tree. @ Arches, please test and mark stable: =net-libs/miniupnpc-1.9.20151008
amd64 stable
x86 stable
arm stable
Stable for HPPA PPC64.
sparc stable
ppc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
New GLSA request filed.
This issue was resolved and addressed in GLSA 201701-41 at https://security.gentoo.org/glsa/201701-41 by GLSA coordinator Aaron Bauman (b-man).