Bug 203705 - net/miniupnpc: Update to 1.9.20151008 (and miniupnpd to 20150922)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Some People
Assignee: Dirk Meyer
Depends on: 203761 203768
Reported: 2015-10-11 18:22 UTC by Bernard Spil
Modified: 2015-10-25 15:13 UTC

See Also:
dinoex: maintainer-feedback-


Attachments
svn diff for net/miniupnp{c,d} (3.26 KB, patch)
2015-10-11 18:22 UTC, Bernard Spil

Description Bernard Spil freebsd_committer 2015-10-11 18:22:43 UTC
Created attachment 161922
svn diff for net/miniupnp{c,d}

Hi,

There have been security-related updates to miniupnp based on some Talos finds (http://talosintel.com/reports/TALOS-2015-0035/).

Haven't created a vuxml entry, don't know if that's necessary here.

Kind regards,

Bernard.
Comment 1 commit-hook freebsd_committer 2015-10-13 18:40:22 UTC
A commit references this bug:

Author: dinoex
Date: Tue Oct 13 18:39:46 UTC 2015
New revision: 399209
URL: https://svnweb.freebsd.org/changeset/ports/399209

Log:
  - Security update to miniupnpc-1.9.20151008
  Security: http://talosintel.com/reports/TALOS-2015-0035/
  PR:		203705
  Submitted by:	Bernard Spil

Changes:
  head/net/miniupnpc/Makefile
  head/net/miniupnpc/distinfo
  head/net/miniupnpc/files/patch-Makefile
  head/net/miniupnpc/pkg-plist
Comment 2 Dirk Meyer freebsd_committer 2015-10-13 18:42:27 UTC
Please create a separate PR for net/miniupnpd.
Comment 3 Bernard Spil freebsd_committer 2015-10-14 06:50:47 UTC
Seems that the ABI has changed?

```
  CC       upnp.o
upnp.c:91:51: error: too few arguments to function call, expected 7, have 6
  ret = upnpDiscover (msec, NULL, NULL, 0, 0, &err);
        ~~~~~~~~~~~~                              ^
/usr/local/include/miniupnpc/miniupnpc.h:61:1: note: 'upnpDiscover' declared here
MINIUPNP_LIBSPEC struct UPNPDev *
^
/usr/local/include/miniupnpc/miniupnpc_declspec.h:14:28: note: expanded from macro 'MINIUPNP_LIBSPEC'
                #define MINIUPNP_LIBSPEC __attribute__ ((visibility ("default")))
                                         ^
1 error generated.
Makefile:1124: recipe for target 'upnp.o' failed
gmake[2]: *** [upnp.o] Error 1
```
Comment 4 robbak 2015-10-14 09:16:29 UTC
(In reply to Bernard Spil from comment #3)

I just found that out, too. See the patch for https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203761 for a fix. Basically, add "2," before "&err", as they have added a 'ttl' field in the function definition.
Comment 5 Bernard Spil freebsd_committer 2015-10-14 13:01:09 UTC
Fix for net-p2p/transmission-cli in https://bugs.freebsd.org/203768
Fix for net-p2p/bitcoin in https://bugs.freebsd.org/203761
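
The snapshot update broke consumers because `upnpDiscover` gained a seventh argument (comments #3 and #4). The following is an added example, not code from this thread or from any port: a small Python check that finds `upnpDiscover` calls still written in the six-argument form, so a consumer's source can be audited before the build fails. The sample source is constructed, and the names `call_args` and `stale_calls` are this example's own.

```python
import re
CALL = re.compile(r"\bupnpDiscover\s*\(")
NEW_ARITY = 7  # from the compiler error above: "expected 7, have 6"

# Constructed sample: line 2 is the failing call, line 3 has the added ttl value.
SAMPLE = '''\
void probe(int msec) {
  ret = upnpDiscover (msec, NULL, NULL, 0, 0, &err);
  dev = upnpDiscover(2000, ifname(cfg, "a,b"), NULL, 0, 0, 2, &err);
}
'''

def call_args(src, open_paren):
    """Split the argument list opening at src[open_paren] on top-level commas."""
    depth, args, cur, i = 0, [], [], open_paren
    while i < len(src):
        ch = src[i]
        if ch in "\"'":  # copy a string/char literal whole, commas included
            j = i + 1
            while j < len(src) and src[j] != ch:
                j += 2 if src[j] == "\\" else 1
            cur.append(src[i:j + 1])
            i = j + 1
            continue
        if ch in "([{":
            depth += 1
            if depth > 1:
                cur.append(ch)
        elif ch in ")]}":
            depth -= 1
            if depth == 0:  # closing paren of the call itself
                args.append("".join(cur).strip())
                return [a for a in args if a]
            cur.append(ch)
        elif ch == "," and depth == 1:
            args.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
        i += 1
    return None  # unbalanced parentheses: not a complete call

def stale_calls(src):
    """Return (line, argc) for each call with fewer than NEW_ARITY arguments."""
    hits = []
    for m in CALL.finditer(src):
        args = call_args(src, m.end() - 1)
        if args is not None and len(args) < NEW_ARITY:
            hits.append((src.count("\n", 0, m.start()) + 1, len(args)))
    return hits
```

It does not strip comments or expand macros, so treat each hit as a candidate to review rather than a confirmed break.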
Comment 6 commit-hook freebsd_committer 2015-10-14 16:22:10 UTC
A commit references this bug:

Author: feld
Date: Wed Oct 14 16:21:20 UTC 2015
New revision: 399275
URL: https://svnweb.freebsd.org/changeset/ports/399275

Log:
  net/miniupnpc: Document buffer overflow

  PR:		203705
  Security:	TALOS-2015-0035

Changes:
  head/security/vuxml/vuln.xml
Comment 7 commit-hook freebsd_committer 2015-10-14 17:05:25 UTC
A commit references this bug:

Author: jbeich
Date: Wed Oct 14 17:05:18 UTC 2015
New revision: 399281
URL: https://svnweb.freebsd.org/changeset/ports/399281

Log:
  net/miniupnpc: reference TALOS-2015-0035 fix

  It may be easier to backport to the quarterly branch than the development
  snapshot that caused fallout in most consumers.

  PR:		203705

Changes:
  head/security/vuxml/vuln.xml
Comment 8 commit-hook freebsd_committer 2015-10-14 18:58:38 UTC
A commit references this bug:

Author: jbeich
Date: Wed Oct 14 18:57:45 UTC 2015
New revision: 399288
URL: https://svnweb.freebsd.org/changeset/ports/399288

Log:
  net/miniupnpc: backport TALOS-2015-0035 (aka CVE-2015-6031) fix

  Direct commit as /head in r399209 updated miniupnpc to a snapshot instead.

  PR:		203705
  Approved by:	portmgr (bapt)
  Security:	06fefd2f-728f-11e5-a371-14dae9d210b8
  Differential Revision:	https://reviews.freebsd.org/D3895

Changes:
  branches/2015Q4/net/miniupnpc/Makefile
  branches/2015Q4/net/miniupnpc/files/patch-CVE-2015-6031
Comment 9 commit-hook freebsd_committer 2015-10-14 19:02:41 UTC
A commit references this bug:

Author: jbeich
Date: Wed Oct 14 19:02:29 UTC 2015
New revision: 399289
URL: https://svnweb.freebsd.org/changeset/ports/399289

Log:
  net/miniupnpc: improve TALOS-2015-0035 entry in VuXML

  - Add "reserved" CVE link
  - Adjust version range to include a few previous snapshots
    and different fix in /branches/2015Q4

  PR:		203705

Changes:
  head/security/vuxml/vuln.xml