Package: release.debian.org Severity: normal Tags: buster User: release.debian....@packages.debian.org Usertags: pu
Hi, This fixes CVE-2020-12695 (CallStranger) in the gupnp library, which benefits servers using it such as rygel. As for gssdp, I updated to 1.0.5 as the other changes seemed sensible, but let me know if you prefer a minimal update. I found a bug in the update that could cause a remote user to crash a server, it's been reviewed and fixed upstream, and is included as a patch. With that, things seem to work well on my (limited) tests and CallStranger is addressed. Thanks, Emilio
gupnp.debdiff.gz
Description: application/gzip