|
|
Subscribe / Log in / New account

Debian-LTS alert DLA-597-1 (libupnp)



From:
    	      Balint Reczey <balint@balintreczey.hu> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 597-1] libupnp security update 


Date:
    	      Thu, 18 Aug 2016 02:12:51 +0200


Message-ID:
    	      <5797c75a-576b-bae8-6f4a-8a074a68b01b@balintreczey.hu>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libupnp
Version        : 1.6.17-1.2+deb7u1
CVE ID         : CVE-2016-6255
Debian Bug     : 831857


It has been discovered that libupnp's default behaviour allows anyone
to write to the filesystem of the system running a libupnp-based
server application.

For Debian 7 "Wheezy", these problems have been fixed in version
1.6.17-1.2+deb7u1.

We recommend that you upgrade your libupnp packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXtP2DAAoJEPZk0la0aRp9+4EQAM4Cox1XbQscYXPlrdzFwjAy
aqPy3k47I7nZ6f2oVfJXDFqwUqEu+eVPT1U/4OTtY+lc9HUYgKCBSRhouQkax507
n47UdoFF/Esk8kNv79QnlGOH6twC4E2FmcVd4V9eE02N3eiungk+VzHk8uCs+Zt3
g2l+2MY0QO2suzqQR7dBA2rlss3YYk3SpJLWq5jPj/mz11MFe/RqVf31H6lqXNYS
Z9fpraYtDtmdFmzqRcYeO75cKpdP/LnbtaW5ABKrnkn5xeHTD2bzbUnTG0oQdhrc
ZeslEVwmQwmQVTNHnsNfHjiGz4MTexkQ/3OcjifEa3ytIhA+SRdCgt4/VvTusNlX
oUuVRsNk1GGsZELD05rhOwzKRsMiIiMnEHzlfSP5I4h61yCSSc217SmkjE7qtaYX
mRxVF5ByiMraOPs/nyb5+iJfHJ1exJ/l6oPY64Bi+GLz7GqYoEtkbRhfYptqlrCp
JZcxrrA/8Pxy/tPPHzSBbrmCk1hMRO4iaRAprU/OGHk+GRXXC/8LWpNa34DHp7IT
Cmj6PSFE5OXlEtdtXgyjNzq9EpH3l3cJBkIT/Gd5QsuslxqGfKWCNCbPem9cUfe+
T0VQuJkmk9Ss0YGX0gpANKSj1VA2cBP0V9+91lUyC2XOpGwSRsveA7e6x8JIGmsd
FLWevSae8KnR79lS6h/2
=TTE0
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds