Publishing details

Published on 2016-07-01
Copied from ubuntu trusty in Private PPA for Ubuntu Security Team by Tyler Hicks

Changelog

minissdpd (1.1.20120121-1+deb7u1build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

minissdpd (1.1.20120121-1+deb7u1) wheezy-security; urgency=high

  * Non-maintainer upload by the Wheezy LTS Team.
  * patch for CVE-2016-3178 + CVE-2016-3179
    The minissdpd daemon contains a improper validation of array index
    vulnerability (CWE-129) when processing requests sent to the Unix
    socket at /var/run/minissdpd.sock the Unix socket can be accessed
    by an unprivileged user to send invalid request causes an
    out-of-bounds memory access that crashes the minissdpd daemon.

 -- Tyler Hicks <email address hidden>  Fri, 01 Jul 2016 13:36:35 -0500

Available diffs

diff from 1.1.20120121-1 (in Debian) to 1.1.20120121-1+deb7u1build0.14.04.1 (1.8 KiB)

Builds

Built packages

minissdpd keep memory of all UPnP devices that announced themselves

Package files

minissdpd_1.1.20120121-1+deb7u1build0.14.04.1.debian.tar.gz (6.1 KiB)
minissdpd_1.1.20120121-1+deb7u1build0.14.04.1.dsc (1.9 KiB)
minissdpd_1.1.20120121-1+deb7u1build0.14.04.1_amd64.deb (15.2 KiB)
minissdpd_1.1.20120121-1+deb7u1build0.14.04.1_arm64.deb (14.9 KiB)
minissdpd_1.1.20120121-1+deb7u1build0.14.04.1_armhf.deb (14.2 KiB)
minissdpd_1.1.20120121-1+deb7u1build0.14.04.1_i386.deb (14.9 KiB)
minissdpd_1.1.20120121-1+deb7u1build0.14.04.1_powerpc.deb (15.0 KiB)
minissdpd_1.1.20120121-1+deb7u1build0.14.04.1_ppc64el.deb (15.3 KiB)
minissdpd_1.1.20120121.orig.tar.gz (17.3 KiB)