
#132 CVE-2016-6255: write files via POST

branch-1.6.x
closed-accepted
security (2)
1
2017-06-18
2016-08-02
No

From Debian's BTS https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831857 :

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libupnp: write files via POST
Date: Wed, 20 Jul 2016 11:03:34 +0200

Source: libupnp
Version: 1:1.6.17-1
Severity: grave
Tags: security upstream
Justification: user security hole

Hi

See http://www.openwall.com/lists/oss-security/2016/07/18/13 and
https://twitter.com/mjg59/status/755062278513319936 .

Proposed fix:
https://github.com/mjg59/pupnp-code/commit/be0a01bdb83395d9f3a5ea09c1308a4f1a972cbd

Regards,
Salvatore

Discussion

  • Balint Reczey

    Balint Reczey - 2016-08-02
     

    Last edit: Balint Reczey 2016-08-12
  • Thev00d00

    Thev00d00 - 2016-09-15

    Any chance we can get this committed?

     
    • Marcelo Roberto Jimenez

      Of course. It would make my life a lot simpler if github.com/mjg59 sent me a patch. A pull request on GitHub does not seem possible; maybe he did not clone from my tree.

       
      • Marcelo Roberto Jimenez

        Never mind, just saw it is the last commit.

         
  • Marcelo Roberto Jimenez

    • Description has changed:

    Diff:

    --- old
    +++ new
    @@ -1,4 +1,3 @@
    -
    
     From Debian's BTS https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831857 :
    
    • status: open --> closed-accepted
    • assigned_to: Marcelo Roberto Jimenez
     