Advisories » MGASA-2017-0313

Updated miniupnpc packages fix security vulnerability

Publication date: 26 Aug 2017
Modification date: 26 Aug 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-8798

Description

It was discovered that MiniUPnP incorrectly handled memory. A remote
attacker could use this issue to cause a denial of service or possibly
execute arbitrary code with privileges of the user running an
application that uses the MiniUPnP library (CVE-2017-8798).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=20851
• https://www.ubuntu.com/usn/usn-3298-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8798

SRPMS

5/core

• miniupnpc-1.9.20141128-1.2.mga5