| |||||||||||||||||||
Mageia alert MGASA-2013-0037 (libupnp)
MGASA-2013-0037 Date: February 6th, 2013 Affected releases: 2 Media: Core Description: Updated libupnp packages fix security vulnerabilities: The Portable SDK for UPnP Devices libupnp library contains multiple buffer overflow vulnerabilities. Devices that use libupnp may also accept UPnP queries over the WAN interface, therefore exposing the vulnerabilities to the internet (CVE-2012-5958, CVE-2012-5959, CVE-2012-5960, CVE-2012-5961, CVE-2012-5962, CVE-2012-5963, CVE-2012-5964, CVE-2012-5965). Updated Packages: i586: libixml2-1.6.15-1.1.mga2.i586.rpm libthreadutil6-1.6.15-1.1.mga2.i586.rpm libupnp6-1.6.15-1.1.mga2.i586.rpm libupnp-devel-1.6.15-1.1.mga2.i586.rpm libupnp-debug-1.6.15-1.1.mga2.i586.rpm x86_64: lib64ixml2-1.6.15-1.1.mga2.x86_64.rpm lib64threadutil6-1.6.15-1.1.mga2.x86_64.rpm lib64upnp6-1.6.15-1.1.mga2.x86_64.rpm lib64upnp-devel-1.6.15-1.1.mga2.x86_64.rpm libupnp-debug-1.6.15-1.1.mga2.x86_64.rpm SRPMS: libupnp-1.6.15-1.1.mga2.src.rpm References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5958 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5959 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5961 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5962 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5963 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5964 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5965 http://www.kb.cert.org/vuls/id/922681 http://www.debian.org/security/2013/dsa-2614 https://bugs.mageia.org/show_bug.cgi?id=8974 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||