[no subject]

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]

From:	Leo Famulari
Subject:
Date:	Thu, 6 Oct 2016 02:16:26 -0400

Subject: [PATCH 0/1] libupnp remote filesystem access CVE-2016-6255

You can use libupnp on a remote server to read and write the filesystem
with the privileges of the libupnp process:

http://seclists.org/oss-sec/2016/q3/102

This patch cherry-picks the upstream commit:

https://github.com/mrjimenez/pupnp/commit/d64d6a44906b5aa5306bdf1708531d698654dda5

Leo Famulari (1):
  gnu: libupnp: Fix CVE-2016-6255.

 gnu/local.mk                                     |  1 +
 gnu/packages/libupnp.scm                         |  2 +
 gnu/packages/patches/libupnp-CVE-2016-6255.patch | 86 ++++++++++++++++++++++++
 3 files changed, 89 insertions(+)
 create mode 100644 gnu/packages/patches/libupnp-CVE-2016-6255.patch

-- 
2.10.1

[Prev in Thread]

Current Thread

[Next in Thread]

[no subject], Leo Famulari <=
- [PATCH 1/1] gnu: libupnp: Fix CVE-2016-6255., Leo Famulari, 2016/10/06
  - Re: [PATCH 1/1] gnu: libupnp: Fix CVE-2016-6255., Ludovic Courtès, 2016/10/06
    - Re: [PATCH 1/1] gnu: libupnp: Fix CVE-2016-6255., Leo Famulari, 2016/10/09
- Re: CVE-2016-6255, Efraim Flashner, 2016/10/06

Prev by Date: [PATCH 1/1] gnu: libupnp: Fix CVE-2016-6255.
Next by Date: [PATCH] aarch64 support in isl
Previous by thread: Input needed regarding disk encryption/decryption
Next by thread: [PATCH 1/1] gnu: libupnp: Fix CVE-2016-6255.
Index(es):
- Date
- Thread