Format: 1.8
Date: Mon, 24 Oct 2016 08:54:59 +0100
Source: minissdpd
Binary: minissdpd
Architecture: powerpc
Version: 1.2.20130907-3.2
Distribution: zesty-proposed
Urgency: high
Maintainer: Launchpad Build Daemon <buildd@fisher04.buildd>
Changed-By: James Cowgill <jcowgill@debian.org>
Description:
 minissdpd  - keep memory of all UPnP devices that announced themselves
Closes: 816759
Changes:
 minissdpd (1.2.20130907-3.2) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2016-3178 and CVE-2016-3179. (Closes: #816759)
     The minissdpd daemon contains a improper validation of array index
     vulnerability (CWE-129) when processing requests sent to the Unix
     socket at /var/run/minissdpd.sock the Unix socket can be accessed
     by an unprivileged user to send invalid request causes an
     out-of-bounds memory access that crashes the minissdpd daemon.
Checksums-Sha1:
 95ec3369e9b7ba1070dc62bf35c5bec82816c750 27676 minissdpd-dbgsym_1.2.20130907-3.2_powerpc.ddeb
 0d2a2b296c5490fdae02dabf583b6818ceacc3b3 18186 minissdpd_1.2.20130907-3.2_powerpc.deb
Checksums-Sha256:
 88f379699a1cce0af3531c01a520c98dbbd801bf0b2d0f18c5b7f19e9f79099f 27676 minissdpd-dbgsym_1.2.20130907-3.2_powerpc.ddeb
 2e71732b784d6e7cf6aacc54b7baf3071d7e7538dca0c347b2752daed42d00c8 18186 minissdpd_1.2.20130907-3.2_powerpc.deb
Files:
 65b4ba5d498f9ee43c5a2d93e1d99fc4 27676 net extra minissdpd-dbgsym_1.2.20130907-3.2_powerpc.ddeb
 e86a07d56286e50c0c74f10b06f87150 18186 net optional minissdpd_1.2.20130907-3.2_powerpc.deb