Accepting request 896477 from home:susnux:branches:GNOME:Factory

Update to version 1.2.6 Fix CVE-2021-33516 ( boo#1186590 ) OBS-URL: https://build.opensuse.org/request/show/896477 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/gupnp?expand=0&rev=114
2021-06-01 09:42:23 +00:00
parent 5f992b3420
commit 8ad159cee3
2 changed files with 25 additions and 4 deletions
--- a/gupnp.changes
+++ b/gupnp.changes
@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Tue Jun  1 01:19:08 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
+
+- Update to version 1.2.6
+  + Fix CVE-2021-33516 ( boo#1186590 )
+  + Fix potential fd leak in linux CM
+  + Fix potential NULL pointer dereference when evaluating unset
+    ServiceProxyActions
+  + Fix leaking the message string if an action is never sent
+  + Fix leaking the ServiceProxyAction if sending fails in
+    call_action
+  + Fix potential use-after-free if service proxy is
+    destroxed before libsoup request finishes in control point
+  + Fix potential data leak due to being vulnerable to DNS
+    rebind attacs
+  + Fix introspection annotation for send_action and
+    call_action_finish to prevent a double-free
+  + Fix introspection annotation for send_action_list
+  + Make ServiceIntrospection usable from gobject-introspection
+- Fix dependencies
+
 -------------------------------------------------------------------
 Thu May 27 17:02:15 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>