Bug 203705
| Summary: | net/miniupnpc: Update to 1.9.20151008 (and miniupnpd to 20150922) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Bernard Spil <brnrd> | ||||
| Component: | Individual Port(s) | Assignee: | Dirk Meyer <dinoex> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Some People | CC: | brnrd, robbak, squat | ||||
| Priority: | --- | Flags: | dinoex:
maintainer-feedback-
|
||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204015 | ||||||
| Bug Depends on: | 203761, 203768 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
|
Description
Bernard Spil
2015-10-11 18:22:43 UTC
A commit references this bug: Author: dinoex Date: Tue Oct 13 18:39:46 UTC 2015 New revision: 399209 URL: https://svnweb.freebsd.org/changeset/ports/399209 Log: - Security update to miniupnpc-1.9.20151008 Security: http://talosintel.com/reports/TALOS-2015-0035/ PR: 203705 Submitted by: Bernard Spil Changes: head/net/miniupnpc/Makefile head/net/miniupnpc/distinfo head/net/miniupnpc/files/patch-Makefile head/net/miniupnpc/pkg-plist please create a seperate PR for net/miniupnpd Seems that the ABI has changed?
```
CC upnp.o
upnp.c:91:51: error: too few arguments to function call, expected 7, have 6
ret = upnpDiscover (msec, NULL, NULL, 0, 0, &err);
~~~~~~~~~~~~ ^
/usr/local/include/miniupnpc/miniupnpc.h:61:1: note: 'upnpDiscover' declared here
MINIUPNP_LIBSPEC struct UPNPDev *
^
/usr/local/include/miniupnpc/miniupnpc_declspec.h:14:28: note: expanded from macro 'MINIUPNP_LIBSPEC'
#define MINIUPNP_LIBSPEC __attribute__ ((visibility ("default")))
^
1 error generated.
Makefile:1124: recipe for target 'upnp.o' failed
gmake[2]: *** [upnp.o] Error 1
```
(In reply to Bernard Spil from comment #3) I just found that out, too. See the patch for https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203761 for a fix. Basically, add "2," before "&err", as they have added a 'ttl' field in the function definition. Fix for net-p2p/transmission-cli in https://bugs.freebsd.org/203768 Fix for net-p2p/bitcoin in https://bugs.freebsd.org/203761 A commit references this bug: Author: feld Date: Wed Oct 14 16:21:20 UTC 2015 New revision: 399275 URL: https://svnweb.freebsd.org/changeset/ports/399275 Log: net/miniupnpc: Document buffer overflow PR: 203705 Security: TALOS-2015-0035 Changes: head/security/vuxml/vuln.xml A commit references this bug: Author: jbeich Date: Wed Oct 14 17:05:18 UTC 2015 New revision: 399281 URL: https://svnweb.freebsd.org/changeset/ports/399281 Log: net/miniupnpc: reference TALOS-2015-0035 fix It maybe easier to backport to the quaterly branch than the development snapshot that caused fallout in most consumers. PR: 203705 Changes: head/security/vuxml/vuln.xml A commit references this bug: Author: jbeich Date: Wed Oct 14 18:57:45 UTC 2015 New revision: 399288 URL: https://svnweb.freebsd.org/changeset/ports/399288 Log: net/miniupnpc: backport TALOS-2015-0035 (aka CVE-2015-6031) fix Direct commit as /head in r399209 updated miniupnpc to a snapshot instead. PR: 203705 Approved by: portmgr (bapt) Security: 06fefd2f-728f-11e5-a371-14dae9d210b8 Differential Revision: https://reviews.freebsd.org/D3895 Changes: branches/2015Q4/net/miniupnpc/Makefile branches/2015Q4/net/miniupnpc/files/patch-CVE-2015-6031 A commit references this bug: Author: jbeich Date: Wed Oct 14 19:02:29 UTC 2015 New revision: 399289 URL: https://svnweb.freebsd.org/changeset/ports/399289 Log: net/miniupnpc: improve TALOS-2015-0035 entry in VuXML - Add "reserved" CVE link - Adjust version range to include a few previous snapshots and different fix in /branches/2015Q4 PR: 203705 Changes: head/security/vuxml/vuln.xml |