On Wed, Dec 07, 2016 at 10:10:16AM +0100, Uwe Kleine-König wrote: > Hello Nick, > > > On Wed, Nov 30, 2016 at 10:04:04PM +0100, Uwe Kleine-König wrote: > > Linux requires to have sin6_scope_id hold the interface id when binding to > > link-local addresses. This is already in use in other parts of upnp, so > > portability shouldn't be in the way here. Without this bind(2) fails with > > errno=EINVAL (although ipv6(7) from manpages 4.08 specifies ENODEV in this > > case). > > > > Fixes: https://bugs.debian.org/813249 > > --- > > Hello, > > > > would be great to get this patch into libupnp (both Debian and upstream) > > because without this vlc (which makes use of libupnp) cannot "see" any UPNP > > shares. > > would you mind me doing an NMU (1:1.6.19+git20160116-1.2) to fix this? I > also think this affects all ipv6 enabled machines so I wonder if > severity important would be justified. Also it seems worthwile to add > commit 91ef91e8531b86507f9a752316991221792db380 from upstream.
I'd also include the fix for #842093 (aka CVE-2016-8863) that I created at https://sourceforge.net/p/pupnp/bugs/133/#d8a2 . Best regards Uwe
signature.asc
Description: PGP signature
