Format: 1.8
Date: Mon, 24 Oct 2016 08:54:59 +0100
Source: minissdpd
Binary: minissdpd
Architecture: ppc64el
Version: 1.2.20130907-3.2
Distribution: zesty-proposed
Urgency: high
Maintainer: Launchpad Build Daemon <buildd@bos01-ppc64el-005.buildd>
Changed-By: James Cowgill <jcowgill@debian.org>
Description:
 minissdpd  - keep memory of all UPnP devices that announced themselves
Closes: 816759
Changes:
 minissdpd (1.2.20130907-3.2) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2016-3178 and CVE-2016-3179. (Closes: #816759)
     The minissdpd daemon contains a improper validation of array index
     vulnerability (CWE-129) when processing requests sent to the Unix
     socket at /var/run/minissdpd.sock the Unix socket can be accessed
     by an unprivileged user to send invalid request causes an
     out-of-bounds memory access that crashes the minissdpd daemon.
Checksums-Sha1:
 94039481fd1cc11e545b2d6f854270a17942e160 30458 minissdpd-dbgsym_1.2.20130907-3.2_ppc64el.ddeb
 5c9dda07527f053b942d0a753cd83360fbb50016 18766 minissdpd_1.2.20130907-3.2_ppc64el.deb
Checksums-Sha256:
 59b055f17f6d9313372d1829d208efbc0b0fa2596bf70f4bd10911bddb4c1c74 30458 minissdpd-dbgsym_1.2.20130907-3.2_ppc64el.ddeb
 6acb1e835d719b779f93e423a8b327b1eb2330bc67c4147ca9711c0a40f5a098 18766 minissdpd_1.2.20130907-3.2_ppc64el.deb
Files:
 aa027289da9201b108fc0998c85836d7 30458 net extra minissdpd-dbgsym_1.2.20130907-3.2_ppc64el.ddeb
 7cdb2996a9134312189eb1f4d26a33a7 18766 net optional minissdpd_1.2.20130907-3.2_ppc64el.deb