Page MenuHomeFreeBSD
Differential D3895

MFH or rather direct commit request to fix vulnerability in net/miniupnpc
ClosedPublic
Actions

Authored by jbeich on Oct 14 2015, 6:09 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Jan 13, 4:26 AM
Unknown Object (File)
Fri, Jan 10, 7:29 AM
Unknown Object (File)
Thu, Jan 2, 6:02 PM
Unknown Object (File)
Nov 28 2024, 5:59 AM
Unknown Object (File)
Nov 27 2024, 1:26 PM
Unknown Object (File)
Nov 17 2024, 2:30 AM
Unknown Object (File)
Nov 13 2024, 5:24 AM
Unknown Object (File)
Nov 12 2024, 10:34 AM
View All 85 Files
Subscribers
None

Details

Reviewers
bapt
Group Reviewers
portmgr
ports secteam
Commits
rP399288: net/miniupnpc: backport TALOS-2015-0035 (aka CVE-2015-6031) fix
Summary

rP399209 caused a fallout in consumers some of which are yet to be fixed. Let's try backporting just the security-related bit. net/py-miniupnpc links with static library, so it needs PORTREVISION bump as well.

text
net/miniupnpc: backport TALOS-2015-0035 (aka CVE-2015-6031) fix

Direct commit as /head updated miniupnpc to a snapshot in r399209.

PR:		203705
Approved by:	portmgr? | ports-secteam?
Security:	06fefd2f-728f-11e5-a371-14dae9d210b8
Test Plan

Green build with old versions of:

  • net/miniupnpc
  • net/py-miniupnpc
  • net-p2p/transmission-cli
  • net-p2p/bitcoin

No poudriere logs as my HDD is too slow to check out entire 2015Q4 and
do proper builds.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 768
Build 768: arc lint + arc unit

Event Timeline

jbeich updated this revision to Diff 9388.Oct 14 2015, 6:09 PM
jbeich retitled this revision from to MFH or rather direct commit request to fix vulnerability in net/miniupnpc.
jbeich updated this object.
jbeich edited the test plan for this revision. (Show Details)
jbeich added reviewers: portmgr, ports secteam.
bapt accepted this revision.Oct 14 2015, 6:14 PM
bapt added a reviewer: bapt.
This revision is now accepted and ready to land.Oct 14 2015, 6:14 PM
Closed by commit rP399288: net/miniupnpc: backport TALOS-2015-0035 (aka CVE-2015-6031) fix (authored by jbeich). · Explain WhyOct 14 2015, 6:58 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
net/
miniupnpc/
1 line
files/
24 lines

Diff 9388

View Options

net/miniupnpc/Makefile

Loading...
View Options

net/miniupnpc/files/patch-CVE-2015-6031

Loading...