Debian Package Tracker
Register | Log in
Subscribe

gupnp

Choose email to subscribe with

general
  • source: gupnp (main)
  • version: 1.4.3-1
  • maintainer: Debian GNOME Maintainers (archive) (DMD)
  • uploaders: Jeremy Bicha [DMD] – Laurent Bigonville [DMD]
  • arch: all any
  • std-ver: 4.6.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.0.1-1
  • o-o-sec: 1.0.1-1+deb9u1
  • oldstable: 1.0.5-0+deb10u1
  • stable: 1.2.4-1
  • testing: 1.4.3-1
  • unstable: 1.4.3-1
versioned links
  • 1.0.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.0.1-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.0.5-0+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.2.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.4.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • gir1.2-gupnp-1.2
  • libgupnp-1.2-1 (1 bugs: 0, 0, 1, 0)
  • libgupnp-1.2-dev
  • libgupnp-doc
action needed
Marked for autoremoval on 30 June due to nvidia-graphics-drivers-tesla-470: #1011146 high
Version 1.4.3-1 of gupnp is marked for autoremoval from testing on Thu 30 Jun 2022. It depends (transitively) on nvidia-graphics-drivers-tesla-470, affected by #1011146. You should try to prevent the removal by fixing these RC bugs.
Created: 2022-05-24 Last update: 2022-05-24 17:30
1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:
  • CVE-2021-33516: An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.
Created: 2021-05-25 Last update: 2022-02-06 05:35
1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2021-33516: An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.
Created: 2021-08-15 Last update: 2022-02-06 05:35
1 new commit since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit 71c3ae90e227043e6ce5c03f7a98e70fd5307a89
Author: Jeremy Bicha <jeremy.bicha@canonical.com>
Date:   Wed Apr 27 12:59:59 2022 -0400

    Update debian/watch
    
    Gbp-Dch: Ignore
Created: 2022-04-27 Last update: 2022-05-17 08:42
Multiarch hinter reports 1 issue(s) low
There are issues with the multiarch metadata for this package.
  • libgupnp-doc could be marked Multi-Arch: foreign
Created: 2018-12-05 Last update: 2022-05-24 17:34
1 low-priority security issue in buster low

There is 1 open security issue in buster.

1 issue left for the package maintainer to handle:
  • CVE-2021-33516: (needs triaging) An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-05-25 Last update: 2022-02-06 05:35
1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:
  • CVE-2021-33516: (needs triaging) An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-14 Last update: 2022-02-06 05:35
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).
Created: 2022-05-11 Last update: 2022-05-11 23:25
news
[rss feed]
  • [2022-02-06] gupnp 1.4.3-1 MIGRATED to testing (Debian testing watch)
  • [2022-01-31] Accepted gupnp 1.4.3-1 (source) into unstable (Andreas Henriksson)
  • [2021-12-12] gupnp 1.4.1-1 MIGRATED to testing (Debian testing watch)
  • [2021-12-07] Accepted gupnp 1.4.1-1 (source) into unstable (Jeremy Bicha)
  • [2021-10-08] gupnp 1.4.0-2 MIGRATED to testing (Debian testing watch)
  • [2021-10-03] Accepted gupnp 1.4.0-2 (source) into unstable (Jeremy Bicha)
  • [2021-09-29] Accepted gupnp 1.4.0-1 (source amd64 all) into experimental, experimental (Debian FTP Masters) (signed by: Jeremy Bicha)
  • [2021-06-08] Accepted gupnp 1.2.7-1 (source) into experimental (Sebastien Bacher)
  • [2020-09-21] gupnp 1.2.4-1 MIGRATED to testing (Debian testing watch)
  • [2020-09-21] gupnp 1.2.4-1 MIGRATED to testing (Debian testing watch)
  • [2020-09-16] Accepted gupnp 1.2.4-1 (source) into unstable (Sebastien Bacher)
  • [2020-08-24] Accepted gupnp 1.0.5-0+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Emilio Pozuelo Monfort)
  • [2020-08-06] Accepted gupnp 1.0.1-1+deb9u1 (source) into oldstable (Emilio Pozuelo Monfort)
  • [2020-07-03] gupnp 1.2.3-1 MIGRATED to testing (Debian testing watch)
  • [2020-06-25] Accepted gupnp 1.2.3-1 (source) into unstable (Sebastien Bacher)
  • [2020-04-20] gupnp 1.2.2-2 MIGRATED to testing (Debian testing watch)
  • [2020-04-14] Accepted gupnp 1.2.2-2 (source) into unstable (Laurent Bigonville)
  • [2020-01-13] gupnp 1.2.2-1 MIGRATED to testing (Debian testing watch)
  • [2020-01-08] gupnp 1.2.1-2 MIGRATED to testing (Debian testing watch)
  • [2020-01-08] Accepted gupnp 1.2.2-1 (source) into unstable (Laurent Bigonville)
  • [2019-12-31] Accepted gupnp 1.2.1-2 (source) into unstable (Laurent Bigonville)
  • [2019-05-12] Accepted gupnp 1.2.1-1 (source) into experimental (Sebastien Bacher)
  • [2019-03-17] Accepted gupnp 1.2.0-1 (source) into experimental (Jeremy Bicha)
  • [2019-02-28] Accepted gupnp 1.1.2-1 (source amd64 all) into experimental, experimental (Jeremy Bicha)
  • [2018-12-31] gupnp 1.0.3-3 MIGRATED to testing (Debian testing watch)
  • [2018-12-26] Accepted gupnp 1.0.3-3 (source) into unstable (Jeremy Bicha)
  • [2018-12-10] gupnp 1.0.3-2 MIGRATED to testing (Debian testing watch)
  • [2018-12-04] Accepted gupnp 1.0.3-2 (source) into unstable (Sebastien Bacher)
  • [2018-09-20] gupnp 1.0.3-1 MIGRATED to testing (Debian testing watch)
  • [2018-09-15] Accepted gupnp 1.0.3-1 (source) into unstable (Jeremy Bicha)
  • 1
  • 2
bugs [bug history graph]
  • all: 1
  • RC: 0
  • I&N: 0
  • M&W: 1
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian
  • buildd: logs, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 1.4.3-1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing