NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/gupnp: security bump to version 1.0.5

Browse Source 
Fixes the following security issue:

- CVE-2020-12695: The Open Connectivity Foundation UPnP specification before
  2020-04-17 does not forbid the acceptance of a subscription request with a
  delivery URL on a different network segment than the fully qualified
  event-subscription URL, aka the CallStranger issue

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2020-07-21 22:07:49 +02:00
parent ce6351f61a
commit 651af5f09c
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/gupnp/gupnp.hash
View File

@ -1,5 +1,5 @@
# Hash from: http://ftp.gnome.org/pub/gnome/sources/gupnp/1.0/gupnp-1.0.4.sha256sum:
sha256 8b0992650c6ef8566d2d0c9198c8a669106dc2c73aa908fcc4a4d043a8c0b544 gupnp-1.0.4.tar.xz
# Hash from: http://ftp.gnome.org/pub/gnome/sources/gupnp/1.0/gupnp-1.0.5.sha256sum:
sha256 e9359fa8ed70c3c2b2b987869262ebb5c5ed1365726b7a9e8e59b3471e5c37f5 gupnp-1.0.5.tar.xz
# Hash for license file:
sha256 d245807f90032872d1438d741ed21e2490e1175dc8aa3afa5ddb6c8e529b58e5 COPYING

2
package/gupnp/gupnp.mk
View File

@ -5,7 +5,7 @@
################################################################################
GUPNP_VERSION_MAJOR = 1.0
GUPNP_VERSION = $(GUPNP_VERSION_MAJOR).4
GUPNP_VERSION = $(GUPNP_VERSION_MAJOR).5
GUPNP_SOURCE = gupnp-$(GUPNP_VERSION).tar.xz
GUPNP_SITE = http://ftp.gnome.org/pub/gnome/sources/gupnp/$(GUPNP_VERSION_MAJOR)
GUPNP_LICENSE = LGPL-2.0+