Hello community,
here is the log from the commit of package patchinfo.1284 for
openSUSE:12.1:Update checked in at 2013-02-07 08:39:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update/patchinfo.1284 (Old)
and /work/SRC/openSUSE:12.1:Update/.patchinfo.1284.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.1284", Maintainer is ""
Changes:
--------
New Changes file:
NO CHANGES FILE!!!
New:
----
_patchinfo
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo>
<issue id="801061" tracker="bnc">libupnp: multiple buffer overflows</issue>
<issue id="CVE-2012-5958" tracker="cve" />
<issue id="CVE-2012-5959" tracker="cve" />
<issue id="CVE-2012-5960" tracker="cve" />
<category>security</category>
<rating>moderate</rating>
<packager>saschpe</packager>
<description>
- Update to version 1.6.18 (bnc#801061)
+ Security fix for CERT issue VU#922681
This patch addresses three possible buffer overflows in function
unique_service_name(). The three issues have the folowing CVE numbers:
CVE-2012-5958 Issue #2: Stack buffer overflow of Tempbuf
CVE-2012-5959 Issue #4: Stack buffer overflow of Event->UDN
CVE-2012-5960 Issue #8: Stack buffer overflow of Event->UDN
+ Notice that the following issues have already been dealt by previous
work:
CVE-2012-5961 Issue #1: Stack buffer overflow of Evt->UDN
CVE-2012-5962 Issue #3: Stack buffer overflow of Evt->DeviceType
CVE-2012-5963 Issue #5: Stack buffer overflow of Event->UDN
CVE-2012-5964 Issue #6: Stack buffer overflow of Event->DeviceType
CVE-2012-5965 Issue #7: Stack buffer overflow of Event->DeviceType
</description>
<summary>update for libupnp</summary>
</patchinfo>
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
