Register | Log in

miniupnpd

UPnP and NAT-PMP daemon for gateway routers

Choose email to subscribe with

general

source: miniupnpd (main)
version: 2.1-5
maintainer: Thomas Goirand [DMD] [LowNMU]
uploaders: Yangfl [DMD]
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.8.20140523-4
stable: 1.8.20140523-4.1+deb9u1
testing: 2.1-5
unstable: 2.1-5

versioned links

1.8.20140523-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.20140523-4.1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

miniupnpd

action needed

5 security issues in stretch high

There are 5 open security issues in stretch.

5 important issues:

CVE-2019-12111: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.
CVE-2019-12110: An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.
CVE-2019-12109: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.
CVE-2019-12107: The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.
CVE-2019-12108: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.

Please fix them.

Created: 2019-05-16 Last update: 2019-05-18 09:04

6 security issues in jessie high

There are 6 open security issues in jessie.

5 important issues:

CVE-2019-12111: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.
CVE-2019-12110: An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.
CVE-2019-12109: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.
CVE-2019-12107: The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.
CVE-2019-12108: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.

1 issue skipped by the security teams:

CVE-2017-1000494: Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact

Please fix them.

Created: 2018-01-14 Last update: 2019-05-18 09:04

5 security issues in sid high

There are 5 open security issues in sid.

5 important issues:

CVE-2019-12111: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.
CVE-2019-12110: An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.
CVE-2019-12109: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.
CVE-2019-12107: The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.
CVE-2019-12108: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.

Please fix them.

Created: 2019-05-16 Last update: 2019-05-18 09:04

5 security issues in buster high

There are 5 open security issues in buster.

5 important issues:

CVE-2019-12111: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.
CVE-2019-12110: An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.
CVE-2019-12109: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.
CVE-2019-12107: The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.
CVE-2019-12108: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.

Please fix them.

Created: 2019-05-16 Last update: 2019-05-18 09:04

Depends on packages which need a new maintainer normal

The packages that miniupnpd depends on which need a new maintainer are:

lsb (#924519)
- Depends: lsb-base

Created: 2019-03-13 Last update: 2019-05-20 21:08

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2019-04-07 Last update: 2019-04-07 07:37

news

[2019-03-11] miniupnpd 2.1-5 MIGRATED to testing (Debian testing watch)
[2019-03-01] Accepted miniupnpd 2.1-5 (source amd64) into unstable (Yangfl) (signed by: Thomas Goirand)
[2019-02-10] miniupnpd 2.1-4 MIGRATED to testing (Debian testing watch)
[2019-02-07] Accepted miniupnpd 2.1-4 (source amd64) into unstable (Yangfl) (signed by: Thomas Goirand)
[2019-01-13] miniupnpd 2.1-3 MIGRATED to testing (Debian testing watch)
[2019-01-07] Accepted miniupnpd 2.1-3 (source amd64) into unstable (Yangfl) (signed by: Thomas Goirand)
[2018-08-25] miniupnpd 2.1-2 MIGRATED to testing (Debian testing watch)
[2018-08-19] Accepted miniupnpd 2.1-2 (source amd64) into unstable (Yangfl) (signed by: Thomas Goirand)
[2018-06-12] Accepted miniupnpd 2.1-1 (source amd64) into unstable (Yangfl) (signed by: Thomas Goirand)
[2018-03-30] Accepted miniupnpd 1.8.20140523-4.1+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Thomas Goirand)
[2018-02-12] Accepted miniupnpd 2.0.20171212-2 (source amd64) into unstable (Thomas Goirand)
[2018-02-01] Accepted miniupnpd 2.0.20171212-1 (source amd64) into unstable (Thomas Goirand)
[2017-10-21] miniupnpd 1.8.20140523-4.2 MIGRATED to testing (Debian testing watch)
[2017-10-16] Accepted miniupnpd 1.8.20140523-4.2 (source amd64) into unstable (Chris Lamb)
[2017-01-24] miniupnpd 1.8.20140523-4.1 MIGRATED to testing (Debian testing watch)
[2017-01-13] Accepted miniupnpd 1.8.20140523-4.1 (source) into unstable (Adrian Bunk)
[2016-12-29] miniupnpd 1.8.20140523-4 MIGRATED to testing (Debian testing watch)
[2016-04-15] miniupnpd REMOVED from testing (Debian testing watch)
[2014-12-12] miniupnpd 1.8.20140523-4 MIGRATED to testing (Britney)
[2014-12-09] Accepted miniupnpd 1.8.20140523-4 (source amd64) into unstable (Thomas Goirand)
[2014-11-10] miniupnpd 1.8.20140523-3 MIGRATED to testing (Britney)
[2014-11-04] Accepted miniupnpd 1.8.20140523-3 (source amd64) into unstable (Thomas Goirand)
[2014-07-19] miniupnpd 1.8.20140523-2 MIGRATED to testing (Britney)
[2014-07-14] Accepted miniupnpd 1.8.20140523-2 (source amd64) (Thomas Goirand)
[2014-06-14] miniupnpd 1.8.20140523-1 MIGRATED to testing (Debian testing watch)
[2014-06-08] Accepted miniupnpd 1.8.20140523-1 (source amd64) (Thomas Goirand)
[2014-06-02] miniupnpd 1.8.20130730-3 MIGRATED to testing (Debian testing watch)
[2014-05-28] Accepted miniupnpd 1.8.20130730-3 (source amd64) (Thomas Goirand)
[2013-10-06] miniupnpd 1.8.20130730-2 MIGRATED to testing (Debian testing watch)
[2013-09-25] Accepted miniupnpd 1.8.20130730-2 (source amd64) (Thomas Goirand)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 1)
buildd: logs, clang, reproducibility, cross
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.1-5
1 bug (1 patch)

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing