CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2013/01/29 09:14:06
Modified files: net/libupnp : Makefile distinfo net/libupnp/pkg: PLIST Removed files: net/libupnp/pkg: PFRAG.shared Log message: SECURITY update to libupnp 1.6.18 http://www.kb.cert.org/vuls/id/922681 - at least three remotely exploitable buffer overflows in the unique_service_name() function, which is called to process incoming SSDP requests on UDP port 1900. - devices that use libupnp may also accept UPnP queries over the WAN interface, therefore exposing the vulnerabilitites to the internet. (and roll shared libs from PFRAG.shared into PLIST while there).