Format: 1.8 Date: Tue, 02 Feb 2021 14:45:21 +0000 Source: minidlna Binary: minidlna Architecture: amd64 Version: 1.2.1+dfsg-1ubuntu0.20.04.1 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Paulo Flabiano Smorigo Description: minidlna - lightweight DLNA/UPnP-AV server targeted at embedded systems Changes: minidlna (1.2.1+dfsg-1ubuntu0.20.04.1) focal-security; urgency=medium . * SECURITY UPDATE: Insufficient input sanitization vulnerability - debian/patches/CVE-2020-12695.patch: upnphttp: Validate SUBSCRIBE callback URL. - debian/patches/CVE-2020-28926.patch: upnphttp: Disallow negative HTTP chunk lengths. - CVE-2020-12695 - CVE-2020-28926 * Other fixes: - debian/patches/14-fix-gcc10-ftbfs.patch: Fix build for GCC10. - debian/patches/15-use-newer-ip_multicast_if-api.patch: Use newer API for IP_MULTICAST_IF which allows one to specify interface by index, not by address. Checksums-Sha1: e84a70fb5eb39d70d125dbc10bd217c1089825f4 334504 minidlna-dbgsym_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.ddeb d0b56e7f1268312a9c02847b06a6e18be2a21113 9123 minidlna_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.buildinfo 386d70a3d64c87805b4122d39d136ef6da09dc51 142228 minidlna_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.deb Checksums-Sha256: 06ea823db57f9e61a2c7ccfdcd699a8af90339b4f3458044ff8f76ebfc963698 334504 minidlna-dbgsym_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.ddeb c6ebf209bf5a5072286844d683c7786d5e6f3e28a51aec3860c0ff59f02d2bf6 9123 minidlna_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.buildinfo 4ecc4827ca667ae180930dc01de21491196303add7097736bde4f6e3cf30aa87 142228 minidlna_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.deb Files: cb8ed0a4262f9e8e86b3751566316888 334504 debug optional minidlna-dbgsym_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.ddeb e5e0c6245c738e530c1e4823b3d87e35 9123 net optional minidlna_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.buildinfo 7316de1861e68ae1a11c5790ab126243 142228 net optional minidlna_1.2.1+dfsg-1ubuntu0.20.04.1_amd64.deb Original-Maintainer: Alexander GQ Gerasiov