This one could do with a quick review from the security team. ** Changed in: gupnp (Ubuntu) Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gupnp in Ubuntu. https://bugs.launchpad.net/bugs/1799974 Title: [MIR] gupnp Status in gupnp package in Ubuntu: New Bug description: * Availability Builds on all supported architectures in Ubuntu and on sync from Debian, the package was in main in the past and needs to be re- promoted * Rationale We would like to enable dlna sharing of media files, which is a GNOME upstream feature and relying on rygel which depends on the gupnp libraries * Security There is an old CVE recorded/fixed https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2174 * Quality assurance - the desktop-packages team is subscribed to the package - the bug lists in upstream, the Debian PTS and launchpad are empty - upstream has a testsuit which is used during build * Dependendies The package uses standard desktop libraries that are already in main * Standards compliance the package is using standard packaging (dh10), the standards-version is 4.2, the package is in sync from Debian * Maintainance Upstream is active and the desktop team is going to look after the package in ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gupnp/+bug/1799974/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp