CVSROOT: /cvs Module name: ports Changes by: [email protected] 2019/03/11 14:05:23
Modified files:
net/miniupnp/miniupnpd: Makefile
net/miniupnp/miniupnpd/patches: patch-upnpevents_c
Log message:
Cherrypick patch from upstream miniupnpd: Check the return value of
snprintf().
jasper@ found a POC (https://github.com/b1ack0wl/miniupnpd_poc) for a
read out-of-bounds vulnerability in miniupnpd. Fix has been provided by
upstream.
POC seems to work, so does the fix.
