Accepted minissdpd 1.1.20120121-1+deb7u1 (source i386) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted minissdpd 1.1.20120121-1+deb7u1 (source i386) into oldstable
From: dak@security.debian.org
Date: Tue, 03 May 2016 17:50:14 +0000
Message-id: <[🔎] E1axeSc-0007W8-Kt@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 28 Mar 2016 12:03:02 +0100
Source: minissdpd
Binary: minissdpd
Architecture: source i386
Version: 1.1.20120121-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Thomas Goirand <zigo@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description: 
 minissdpd  - keep memory of all UPnP devices that announced themselves
Changes: 
 minissdpd (1.1.20120121-1+deb7u1) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the Wheezy LTS Team.
   * patch for CVE-2016-3178 + CVE-2016-3179
     The minissdpd daemon contains a improper validation of array index
     vulnerability (CWE-129) when processing requests sent to the Unix
     socket at /var/run/minissdpd.sock the Unix socket can be accessed
     by an unprivileged user to send invalid request causes an
     out-of-bounds memory access that crashes the minissdpd daemon.
Checksums-Sha1: 
 b1715ea284baedabe63c714e9025b55f7f13237e 2011 minissdpd_1.1.20120121-1+deb7u1.dsc
 540665702a17ca5de304929c921988b7c940091d 17762 minissdpd_1.1.20120121.orig.tar.gz
 a1c2877dae708201d46a0cdd4b006b34d335d370 6257 minissdpd_1.1.20120121-1+deb7u1.debian.tar.gz
 eb7d201578442960de3ae2d7291fcf76d9e0aef7 17222 minissdpd_1.1.20120121-1+deb7u1_i386.deb
Checksums-Sha256: 
 c56a1871c514d7edc29eaa1df8b91c0bff65ece098abb5853d8ac3b1fe23af64 2011 minissdpd_1.1.20120121-1+deb7u1.dsc
 a404599e6884d246524b0139c80cf4997ff2dcf0525163514e8c960f573be636 17762 minissdpd_1.1.20120121.orig.tar.gz
 f41bb3569fe9142c41450d71c0986a8424011afedc1e876b6d5242ae7614898c 6257 minissdpd_1.1.20120121-1+deb7u1.debian.tar.gz
 aa532a3347d49f6bbc4476c0bb1c66b03620734d16a050b615715bb7f12e6198 17222 minissdpd_1.1.20120121-1+deb7u1_i386.deb
Files: 
 1f6472997abc6f54592de1331a457f0a 2011 net optional minissdpd_1.1.20120121-1+deb7u1.dsc
 0e7eab6b9a30eeddea18aae30fe9fd0a 17762 net optional minissdpd_1.1.20120121.orig.tar.gz
 d868b58810eda816ffb94e3e276462dc 6257 net optional minissdpd_1.1.20120121-1+deb7u1.debian.tar.gz
 151875a57848296373a0fdc22ee004b8 17222 net optional minissdpd_1.1.20120121-1+deb7u1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJXKONXXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHVjUP/RH5ObyZ67QJ+gs5ZvRIAWbt
QPx74MLwMXfZXNhHXt9g1DUMSFGscDzwJbcEKhY3wtToQapmQY9vlb4OXhTKSkqk
aMrKBPxL/nvprYzplR4P6++NLw/CeifW3f5jFEYgY6KXV4ZhEZzn3xdTPYUxTvLb
SX54Kf0dKvHj32WXSadMxUrAdC6pON/clQXeOq2LjvoK5dVB11SSFl/1Y/G2Qr8e
X7wIuILrZ95zrvGfbPAT9kT8N4WT7EKfKpVGO6BzETTog4j3zpgSWVh+iaWAUxeO
sp+IxK14iCvbrsBR0R17dzfBismwi+UCslNuq2O1MEMATSOUb+jZZosdABQhroeH
Vvo+RRDWPvFS7hgTwFmJIn3xn5jh6Q6S4j5YjbcYeQE8iGzIKsH5gXUSUNomQvYM
9fPz3kJMhkLYhKPBJcHvrtSXCGfMncFOdY9eJPe30jRiROuOwKkluIuaaKf8GX5x
InxZPGvkBtTgt7OWyHHslSX9fCqxzfu9F1uXDIgYvLgoBpLO6b6+GkLzdKcRphWo
Pgs+pFscFm6/T5jJVr0t2iIgxJOP4RLx495gZZ7AsixuzDXEJmsdE7LTuhJA9QBx
SR3Pa1ObVsWVxmNCuzqSE+bT1lpJGh3jscDbF48YWdYdNZw4nHPmtUTct3/OQHi+
jObvo8vNP7ioX8Y8p0rE
=f1hn
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted jalview 2.7.dfsg-2+deb7u1 (source all) into oldstable
Next by Date: Accepted extplorer 2.1.0b6+dfsg.3-4+deb7u2 (source all) into oldstable
Previous by thread: Accepted jalview 2.7.dfsg-2+deb7u1 (source all) into oldstable
Next by thread: Accepted extplorer 2.1.0b6+dfsg.3-4+deb7u2 (source all) into oldstable
Index(es):
- Date
- Thread