Re: libupnp buffer overflows
On Fri, May 18, 2012 at 08:43:52PM +0200, Florian Weimer wrote:
> * Touko Korpela:
>
> > Upstream changelog for libupnp (/usr/share/doc/libupnp6/changelog.gz) lists
> > many fixes for buffer overflows in version 1.6.16. Should this be added to
> > tracker and check if CVE number is allocated?
>
> It seems that the list of issues is fairly long. Have you got a list
> of source code commits?
Unfortunately, no. I only noticed this from the changelog.
Maybe maintainer and/or upstream can tell if this can be exploited.
Reply to: