[3.6] miniupnpc: Integer signedness error (CVE-2017-8798)
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through
v2.0 allows remote attackers to cause a denial of service or possibly
have unspecified other impact.
References:
http://seclists.org/oss-sec/2017/q2/247
https://nvd.nist.gov/vuln/detail/CVE-2017-8798
Patch:
https://github.com/miniupnp/miniupnp/commit/f0f1f4b22d6a98536377a1bb07e7c20e4703d229
(from redmine: issue id 7990, created on 2017-10-10, closed on 2017-10-17)
- Changesets:
- Revision ee83a9f5 by Francesco Colista on 2017-10-10T11:55:39Z:
community/miniupnpc: security fixes CVE-2017-8798. Fixes #7990