[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
From: |
Leo Famulari |
Subject: |
|
Date: |
Thu, 6 Oct 2016 02:16:26 -0400 |
Subject: [PATCH 0/1] libupnp remote filesystem access CVE-2016-6255
You can use libupnp on a remote server to read and write the filesystem
with the privileges of the libupnp process:
http://seclists.org/oss-sec/2016/q3/102
This patch cherry-picks the upstream commit:
https://github.com/mrjimenez/pupnp/commit/d64d6a44906b5aa5306bdf1708531d698654dda5
Leo Famulari (1):
gnu: libupnp: Fix CVE-2016-6255.
gnu/local.mk | 1 +
gnu/packages/libupnp.scm | 2 +
gnu/packages/patches/libupnp-CVE-2016-6255.patch | 86 ++++++++++++++++++++++++
3 files changed, 89 insertions(+)
create mode 100644 gnu/packages/patches/libupnp-CVE-2016-6255.patch
--
2.10.1
- [no subject],
Leo Famulari <=