Security update for libupnp
This update to libupnp 1.6.21 fixes the following security issues:
- various string handling issues (bsc#898167)
- CVE-2016-8863: out-of-bounds access (bsc#1006256)
- CVE-2016-6255: fix for file write via POST (bsc#989948)
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#989948
VUL-0: CVE-2016-6255 libupnp: Unhandled POSTs can write to the filesystem by default
bnc#898167
VUL-1: libupnp: multiple issues
bnc#1006256
VUL-0: CVE-2016-8863: libupnp: Buffer overflow in create_url_list
