Patchwork libupnp: security bump to version 1.6.18

login
register
mail settings
Submitter Gustavo Zacarias
Date Feb. 5, 2013, 2:13 a.m.
Message ID <1360030390-10197-1-git-send-email-gustavo@zacarias.com.ar>
Download mbox | patch
Permalink /patch/218134/
State Accepted
Commit 0b8daf87b1526f258c5c1b48dfb2b7dcf21bfe0e
Headers show

Comments

Gustavo Zacarias - Feb. 5, 2013, 2:13 a.m.
Fixes CVE-2012-5958, CVE-2012-5959, CVE-2012-5960, CVE-2012-5961,
CVE-2012-5962, CVE-2012-5963, CVE-2012-5964 and CVE-2012-5965.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
 package/libupnp/libupnp-1.6.17-no-ipv6.patch | 37 ----------------------------
 package/libupnp/libupnp.mk                   |  2 +-
 2 files changed, 1 insertion(+), 38 deletions(-)
 delete mode 100644 package/libupnp/libupnp-1.6.17-no-ipv6.patch
Peter Korsgaard - Feb. 5, 2013, 8:45 a.m.
>>>>> "Gustavo" == Gustavo Zacarias <gustavo@zacarias.com.ar> writes:

 Gustavo> Fixes CVE-2012-5958, CVE-2012-5959, CVE-2012-5960, CVE-2012-5961,
 Gustavo> CVE-2012-5962, CVE-2012-5963, CVE-2012-5964 and CVE-2012-5965.

Committed, thanks.

Patch

diff --git a/package/libupnp/libupnp-1.6.17-no-ipv6.patch b/package/libupnp/libupnp-1.6.17-no-ipv6.patch
deleted file mode 100644
index 67b3895..0000000
--- a/package/libupnp/libupnp-1.6.17-no-ipv6.patch
+++ /dev/null
@@ -1,37 +0,0 @@ 
-From 812bdabc2c293173ea943059a577d480884a6cc1 Mon Sep 17 00:00:00 2001
-From: Gustavo Zacarias <gustavo@zacarias.com.ar>
-Date: Wed, 11 Apr 2012 11:17:45 -0300
-Subject: [PATCH] ssdp_device: exclude IPv6 stuff when there's no IPv6
-
-Add an additional INET_IPV6 exclusion around IPV6_MULTICAST_HOPS since
-the definition isn't guaranteed to exist when the toolchain lacks IPv6
-support.
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
----
- upnp/src/ssdp/ssdp_device.c |    2 ++
- 1 files changed, 2 insertions(+), 0 deletions(-)
-
-diff --git a/upnp/src/ssdp/ssdp_device.c b/upnp/src/ssdp/ssdp_device.c
-index d3517cc..a439005 100644
---- a/upnp/src/ssdp/ssdp_device.c
-+++ b/upnp/src/ssdp/ssdp_device.c
-@@ -210,6 +210,7 @@ static int NewRequestHandler(
- 			   (char *)&ttl, sizeof(int));
- 		socklen = sizeof(struct sockaddr_in);
- 		break;
-+#ifdef INET_IPV6
- 	case AF_INET6:
- 		inet_ntop(AF_INET6,
- 			  &((struct sockaddr_in6 *)DestAddr)->sin6_addr,
-@@ -219,6 +220,7 @@ static int NewRequestHandler(
- 		setsockopt(ReplySock, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
- 			   (char *)&hops, sizeof(hops));
- 		break;
-+#endif
- 	default:
- 		UpnpPrintf(UPNP_CRITICAL, SSDP, __FILE__, __LINE__,
- 			   "Invalid destination address specified.");
--- 
-1.7.3.4
-
diff --git a/package/libupnp/libupnp.mk b/package/libupnp/libupnp.mk
index 3d4606b..295dace 100644
--- a/package/libupnp/libupnp.mk
+++ b/package/libupnp/libupnp.mk
@@ -4,7 +4,7 @@ 
 #
 #############################################################
 
-LIBUPNP_VERSION = 1.6.17
+LIBUPNP_VERSION = 1.6.18
 LIBUPNP_SOURCE = libupnp-$(LIBUPNP_VERSION).tar.bz2
 LIBUPNP_SITE = http://downloads.sourceforge.net/project/pupnp/pupnp/libUPnP%20$(LIBUPNP_VERSION)
 LIBUPNP_CONF_ENV = ac_cv_lib_compat_ftime=no