Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

miniupnp{d,c} updates, fix for CVE-2017-1000494 #33906

Merged
merged 2 commits into from Jan 16, 2018
Merged

miniupnp{d,c} updates, fix for CVE-2017-1000494 #33906

merged 2 commits into from Jan 16, 2018

Conversation

andir
Copy link
Member

@andir andir commented Jan 15, 2018

Motivation for this change

Randomly browsing through issue trackers and checking with nixpkgs made me discover an issue with miniupnpd. Miniupnpc also received an update but I am uncertain if that is also affected by the same issue. Bumping it shouldn't hurt tho..

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside [nixos/tests]
    (https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
    • nixos/tests/bittorent.nix contains code that uses miniupnpd so I used that as a test case.
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@andir
miniupnpd: 2.0 -> 2.0.20171212 (fixes CVE-2017-1000494)
addf1d5 
changelog since the last version bump:

  2017/12/12:
    Fix a few buffer overrun in SSDP and SOAP parsing

  2017/11/02:
    PCP : reset epoch after address change

  2017/05/26:
    merge https://github.com/miniupnp/miniupnp/tree/randomize_url branch

  2017/05/24:
    get SSDP packet receiving interface index and use it to check if the
      packet is from a LAN

  2017/03/13:
    default to client address for AddPortMapping when <NewInternalClient>
      is empty
    pass ext_if_name to add_pinhole()

  2016/12/23:
    Fix UDA-1.2.10 Man header empty or invalid

  2016/12/16:
    Do not try to open IPv6 sockets once it is disabled

  2016/12/01:
    Fix "AddPinhole Twice" test

  2016/11/11:
    fixes build for Solaris/SunOS

  2016/07/23:
    fixes build error on DragonFly BSD
@andir
miniupnpc_2: 2.0.20170509 -> 2.0.20171212
761ed40 
This potentially addresses CVE-2017-1000494.

Changes since last version bump:

  2017/12/11:
    Fix buffer over run in minixml.c
    Fix uninitialized variable access in upnpreplyparse.c
@adisbladis adisbladis merged commit f0f062b into NixOS:master Jan 16, 2018
@adisbladis
Copy link
Member

Backported in 3a58353 and 66b4de7

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
10.rebuild-darwin: 1-10 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@andir @adisbladis @GrahamcOfBorg