Your message dated Wed, 28 May 2014 06:18:46 +0000
with message-id <e1wpxci-0003zf...@franck.debian.org>
and subject line Bug#748913: fixed in miniupnpc 1.6-4
has caused the Debian Bug report #748913,
regarding miniupnpc: Buffer overread in miniwget
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
748913: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=748913
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: miniupnpc
Severity: grave
Tags: security
Justification: user security hole
A CVE assignment is pending. The fix is here:
https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: miniupnpc
Source-Version: 1.6-4
We believe that the bug you reported is fixed in the latest version of
miniupnpc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 748...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Goirand <z...@debian.org> (supplier of updated miniupnpc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 28 May 2014 06:07:40 +0000
Source: miniupnpc
Binary: miniupnpc libminiupnpc8 libminiupnpc-dev python-miniupnpc
Architecture: source amd64
Version: 1.6-4
Distribution: unstable
Urgency: high
Maintainer: Thomas Goirand <z...@debian.org>
Changed-By: Thomas Goirand <z...@debian.org>
Description:
libminiupnpc-dev - UPnP IGD client lightweight library development files
libminiupnpc8 - UPnP IGD client lightweight library
miniupnpc - UPnP IGD client lightweight library client
python-miniupnpc - UPnP IGD client lightweight library Python bindings
Closes: 748913
Changes:
miniupnpc (1.6-4) unstable; urgency=high
.
* Fixed potential buffer overrun in miniwget.c (Closes: #748913).
Checksums-Sha1:
ec45547c9c3aad8c86ec1edfc05f51bb44505aca 2032 miniupnpc_1.6-4.dsc
136c3604cbdb6b73235c06a32596813c935792e7 6144 miniupnpc_1.6-4.debian.tar.xz
3f6883627f8492cebdba9c0cc3369606d9bb108b 16158 miniupnpc_1.6-4_amd64.deb
c85ddf291706b66fe869ba99606ff7d4f393a66f 24238 libminiupnpc8_1.6-4_amd64.deb
5dcd82120a70ecabaa69a92c5da32995de70ec98 29234 libminiupnpc-dev_1.6-4_amd64.deb
447c4c9e43c693a48c976ca9a00fabacb3b9f4ca 26184 python-miniupnpc_1.6-4_amd64.deb
Checksums-Sha256:
6213ab85eb91dac8eb2d8172cd7ce2e7e61bb53e01ecf0e3c722dced29bb2a70 2032
miniupnpc_1.6-4.dsc
fc25bf036e4204ada5012d63e0409e09becabd30fb4093455871086375b79643 6144
miniupnpc_1.6-4.debian.tar.xz
b4534cd05aef4ff3c60e7bc73b0f43d187c2aa95ef49305e999014cda588595b 16158
miniupnpc_1.6-4_amd64.deb
5d2c5d18a153e30840752e6599def77f7407adda82c879f7f3b18b3a099e67aa 24238
libminiupnpc8_1.6-4_amd64.deb
ffac6a63d730cf428543ef1a82905329015bf30474a4545ab5fc0ae2fa25366f 29234
libminiupnpc-dev_1.6-4_amd64.deb
11c182b22b9424658e720926bd0adc8dd3a13819d4290af18e51ee50460a03ec 26184
python-miniupnpc_1.6-4_amd64.deb
Files:
62ae71143812a4e892ab8669f60ba2da 16158 net optional miniupnpc_1.6-4_amd64.deb
16be7aa63379595d0835f62a6e342569 24238 net optional
libminiupnpc8_1.6-4_amd64.deb
8561ddabc84e2649bed68d2ad2b4bae5 29234 libdevel optional
libminiupnpc-dev_1.6-4_amd64.deb
9e08cf972e828e0af4ecccceed0b11a0 26184 python optional
python-miniupnpc_1.6-4_amd64.deb
31ae9507c99948a0f4bf92067fde0016 2032 net optional miniupnpc_1.6-4.dsc
b52bbb7f41061d550c79dc14bf760bd3 6144 net optional
miniupnpc_1.6-4.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJThX1hAAoJENQWrRWsa0P+RL4P/23CLkAF4eVomcfd1mORc+JO
aJf8R/ra28eXqG8CUEiejRb3EHb6OGVeYsWUzszZJgfYAKBYyTDg7qdobAsi7pkT
QDwNBJTYlJwEqdaGqF8e/2b2uHM9ONI5hGZEpz1VGCdu0Zk9tbmFAyyfNTlE29Bq
e5g/dUk+V9C9H0KVNoX6cz8T1r3YXkNuZUBMQ5L3lZLLcqIIyzEv+JVPiJmHwbku
2Liq2RocdNksZ/4KDMzX59x84SQAu5+ivtEZIzviK+WU7fD16UMZ7uEZKoaveLsu
v6OvSU9BGXlZ5FAf1YaYD9rMW3TcRWmA4dDzRtj9uJ8KyO/oXUVdxW1/NXnc9xeh
IcVZwn0vqEVemfKgKKJ1CzMaUk8KRdcgr/FEA4nyorOY8whqgQOYkyASF/vcpTUN
mgvpy1aWoR/p1uwItwiEnYZo/t9QND17edWtmWPilhnnPGUh0HuiP8iGe0gTPV5j
dtwh0GP3MsJX8J8trYev624FkYfwz2fR/BcxKWpRjb5hbEGWLk8WzuwpFlY+T2Y5
wtLDsR8kqOQ5INDqq2Y6CVi9J+1HIza45EfxzYw4QcGI2pbhVXSokwWflbi7W3s5
UUi0hZB7efzCR++cEZFyvYbRsccH6E732caxHK8+LJX/jaBL+Vgtrfjtpu9TCGM2
P5nnWXkVhx8Cji1cK+rz
=80ug
-----END PGP SIGNATURE-----
--- End Message ---