CVSROOT:        /cvs
Module name:    ports
Changes by:     [email protected]    2019/03/11 14:05:23

Modified files:
        net/miniupnp/miniupnpd: Makefile 
        net/miniupnp/miniupnpd/patches: patch-upnpevents_c 

Log message:
Cherrypick patch from upstream miniupnpd: Check the return value of
snprintf().

jasper@ found a POC (https://github.com/b1ack0wl/miniupnpd_poc) for a
read out-of-bounds vulnerability in miniupnpd. Fix has been provided by
upstream.

POC seems to work, so does the fix.

Reply via email to