File _patchinfo of Package patchinfo
<patchinfo>
<issue id="801061" tracker="bnc">libupnp: multiple buffer overflows</issue>
<issue id="CVE-2012-5958" tracker="cve" />
<issue id="CVE-2012-5959" tracker="cve" />
<issue id="CVE-2012-5960" tracker="cve" />
<category>security</category>
<rating>moderate</rating>
<packager>saschpe</packager>
<description>
- Update to version 1.6.18 (bnc#801061)
+ Security fix for CERT issue VU#922681
This patch addresses three possible buffer overflows in function
unique_service_name(). The three issues have the folowing CVE numbers:
CVE-2012-5958 Issue #2: Stack buffer overflow of Tempbuf
CVE-2012-5959 Issue #4: Stack buffer overflow of Event->UDN
CVE-2012-5960 Issue #8: Stack buffer overflow of Event->UDN
+ Notice that the following issues have already been dealt by previous
work:
CVE-2012-5961 Issue #1: Stack buffer overflow of Evt->UDN
CVE-2012-5962 Issue #3: Stack buffer overflow of Evt->DeviceType
CVE-2012-5963 Issue #5: Stack buffer overflow of Event->UDN
CVE-2012-5964 Issue #6: Stack buffer overflow of Event->DeviceType
CVE-2012-5965 Issue #7: Stack buffer overflow of Event->DeviceType
</description>
<summary>update for libupnp</summary>
</patchinfo>
