miniupnpd: CVE-2013-2600

Related Vulnerabilities: CVE-2013-2600  

Debian Bug report logs - #716936
miniupnpd: CVE-2013-2600


Reported by: Moritz Muehlenhoff <jmm@inutil.org>

Date: Mon, 15 Jul 2013 05:24:02 UTC

Severity: important

Tags: security

Fixed in version miniupnpd/1.8.20130730-1

Done: Thomas Goirand <zigo@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Thomas Goirand <zigo@debian.org>:
Bug#716936; Package miniupnpd. (Mon, 15 Jul 2013 05:24:06 GMT)


Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Thomas Goirand <zigo@debian.org>. (Mon, 15 Jul 2013 05:24:06 GMT)


Message #5 received at submit@bugs.debian.org:

From: Moritz Muehlenhoff <jmm@inutil.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: miniupnpd: CVE-2013-2600
Date: Mon, 15 Jul 2013 07:18:09 +0200
Package: miniupnpd
Severity: important
Tags: security

Please see http://seclists.org/bugtraq/2013/Jul/84 for details.

Cheers,
        Moritz



Information forwarded to debian-bugs-dist@lists.debian.org, Thomas Goirand <zigo@debian.org>:
Bug#716936; Package miniupnpd. (Mon, 15 Jul 2013 10:00:16 GMT)


Acknowledgement sent to miniupnp <miniupnp@free.fr>:
Extra info received and forwarded to list. Copy sent to Thomas Goirand <zigo@debian.org>. (Mon, 15 Jul 2013 10:00:16 GMT)


Message #10 received at submit@bugs.debian.org:

From: miniupnp <miniupnp@free.fr>
To: Moritz Muehlenhoff <jmm@inutil.org>, 716936@bugs.debian.org
Cc: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Re: Bug#716936: miniupnpd: CVE-2013-2600
Date: Mon, 15 Jul 2013 11:58:46 +0200
Hello,

It was patched 3 months ago:
https://github.com/miniupnp/miniupnp/commit/18887cb1e49295e69c308d8bb1f2526798a77429

see version miniupnpd-1.8.20130426.tar.gz
<http://miniupnp.free.fr/files/download.php?file=miniupnpd-1.8.20130426.tar.gz>
and up
http://miniupnp.free.fr/files/

On 15/07/2013 07:18, Moritz Muehlenhoff wrote:
> Package: miniupnpd
> Severity: important
> Tags: security
>
> Please see http://seclists.org/bugtraq/2013/Jul/84 for details.
>
> Cheers,
>         Moritz
>
>   


Information forwarded to debian-bugs-dist@lists.debian.org, Thomas Goirand <zigo@debian.org>:
Bug#716936; Package miniupnpd. (Mon, 15 Jul 2013 10:00:19 GMT)


Acknowledgement sent to miniupnp <miniupnp@free.fr>:
Extra info received and forwarded to list. Copy sent to Thomas Goirand <zigo@debian.org>. (Mon, 15 Jul 2013 10:00:19 GMT)


Reply sent to Thomas Goirand <zigo@debian.org>:
You have taken responsibility. (Thu, 15 Aug 2013 15:24:18 GMT)


Notification sent to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer. (Thu, 15 Aug 2013 15:24:18 GMT)


Message #20 received at 716936-close@bugs.debian.org:

From: Thomas Goirand <zigo@debian.org>
To: 716936-close@bugs.debian.org
Subject: Bug#716936: fixed in miniupnpd 1.8.20130730-1
Date: Thu, 15 Aug 2013 15:22:17 +0000
Source: miniupnpd
Source-Version: 1.8.20130730-1

We believe that the bug you reported is fixed in the latest version of
miniupnpd, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 716936@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand <zigo@debian.org> (supplier of updated miniupnpd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Tue, 23 Jul 2013 11:16:15 +0800
Source: miniupnpd
Binary: miniupnpd
Architecture: source amd64
Version: 1.8.20130730-1
Distribution: unstable
Urgency: low
Maintainer: Thomas Goirand <zigo@debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Description: 
 miniupnpd  - daemon providing UPnP Internet Gateway Device (IGD) services
Closes: 686287 686537 716936
Changes: 
 miniupnpd (1.8.20130730-1) unstable; urgency=low
 .
   * Uploading to unstable.
   * New upstream release fixing CVE-2013-2600: MiniUPnPd versions 1.8 and
     earlier are prone to an information disclosure vulnerability due to
     improper use of snprintf() while preparing SSDP responses. An attacker can
     exploit this vulnerability by sending a crafted request with a long ST
     header. If the header is long enough, the SSDP response buffer will be
     truncated by snprintf() and the subsequent sendto() call will read off the
     end of the buffer thereby disclosing the contents of adjacent memory. This
     response can reveal details of internal network topology as well as other
     activity on the target network. Fix at:
     .
     https://github.com/miniupnp/miniupnp/commit/18887cb1e49295e69c308d8bb1f2526798a77429
     .
     Correctly handle truncated snprintf() in SSDP code (Closes: #716936,
     #686537).
   * Now packaging using pristine-tar git-import-orig.
   * Added new IPv6 rules in the init script, and its configuration through
     debconf (Closes: #686287).
   * Fixed the clean process.
   * Removes now obsolete patches.
   * Build-Depends on libnfnetlink-dev.
   * Standards-Version: 3.9.4.
   * Canonical URLs for VCS fields.



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 23 Sep 2013 07:30:31 GMT)
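
The snprintf() truncation described in the changelog entry above, shown as an added example (not code from miniupnpd, its upstream patch, or this bug log): snprintf() returns the length the full output would have had, so using that value unchecked as a send length runs past the buffer, while the hardened variant clamps it to the bytes actually stored. The buffer size, response headers and all function names are assumptions made for the demonstration, and the ST value is constructed.

```c
#include <stdio.h>
#include <string.h>

#define RESP_BUFSZ 512  /* assumed size for this demo, not taken from miniupnpd */

/* Format an SSDP-style response into buf. Returns snprintf()'s value:
 * the length the full output WOULD have, which can exceed bufsz. */
static int format_response(char *buf, size_t bufsz, const char *st)
{
    return snprintf(buf, bufsz,
                    "HTTP/1.1 200 OK\r\n"
                    "CACHE-CONTROL: max-age=120\r\n"
                    "ST: %s\r\n"
                    "EXT:\r\n\r\n", st);
}

/* "Before" pattern: the return value is trusted as the send length. */
size_t unchecked_send_len(char *buf, size_t bufsz, const char *st)
{
    int n = format_response(buf, bufsz, st);
    return n < 0 ? 0 : (size_t)n;    /* may be larger than bufsz */
}

/* Hardened pattern: never report more bytes than were actually stored. */
size_t checked_send_len(char *buf, size_t bufsz, const char *st)
{
    int n = format_response(buf, bufsz, st);
    if (n < 0)
        return 0;                    /* encoding error: send nothing */
    if ((size_t)n >= bufsz)
        return bufsz - 1;            /* truncated: only bufsz-1 bytes are valid */
    return (size_t)n;
}

/* Constructed input: an ST value of the given length made of 'A's. */
void make_st(char *st, size_t len)
{
    memset(st, 'A', len);
    st[len] = '\0';
}

int main(void)
{
    char buf[RESP_BUFSZ], st[2048];
    make_st(st, 1500);
    printf("unchecked=%zu checked=%zu bufsz=%zu\n",
           unchecked_send_len(buf, sizeof buf, st),
           checked_send_len(buf, sizeof buf, st), sizeof buf);
    return 0;
}
```

A length check like the one in `checked_send_len` belongs wherever an snprintf() result is later passed as a byte count to sendto(), write() or memcpy().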




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:12:55 2019; Machine Name: beach
