UbuntuUpdates.org

Package "gupnp"

Name: gupnp

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • GObject introspection data for the GUPnP library
  • GObject-based library for UPnP
  • GObject-based library for UPnP (development files)
  • GObject-based library for UPnP (documentation)
Latest version: 1.2.4-0ubuntu1
Release: focal (20.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "gupnp" in Focal

Repository Area Version
base main 1.2.2-1
security main 1.2.3-0ubuntu0.20.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.2.4-0ubuntu1 2021-07-06 22:06:23 UTC

  gupnp (1.2.4-0ubuntu1) focal; urgency=medium

  * New stable update (lp: #1925798)

 -- Sebastien Bacher <email address hidden> Fri, 23 Apr 2021 15:23:07 +0200
Source diff to previous version
1925798 SRU the current 1.2.4 stable update

Version: 1.2.3-0ubuntu0.20.04.2 2021-06-01 13:06:26 UTC

  gupnp (1.2.3-0ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: DNS rebinding issue
    - debian/patches/CVE-2021-33516.patch: make sure that the host header
      matches the context in libgupnp/gupnp-context-private.h,
      libgupnp/gupnp-context.c, libgupnp/gupnp-service.c.
    - CVE-2021-33516

 -- Marc Deslauriers <email address hidden> Fri, 28 May 2021 07:59:59 -0400
Source diff to previous version
CVE-2021-33516 An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnera

Version: 1.2.3-0ubuntu0.20.04.1 2020-09-15 12:06:55 UTC

  gupnp (1.2.3-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 1.2.3 to fix security issue.
    - debian/control.in: require libgssdp-1.2-dev (>= 1.2.3)
    - CVE-2020-12695

 -- Marc Deslauriers <email address hidden> Mon, 14 Sep 2020 09:18:59 -0400
CVE-2020-12695 The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on


About   -   Send Feedback to @ubuntu_updates