Package: openslp-dfsg | Debian Sources

Package: openslp-dfsg / 1.2.1-10+deb8u1

Package	Version	Patches format
openslp-dfsg	1.2.1-10+deb8u1	3.0 (quilt)

Patch	File delta	Description
01_have_net_if_arp.diff \| (download)	common/slp_dhcp.c \| 4 3 + 1 - 0 ! configure.in \| 2 1 + 1 - 0 ! 2 files changed, 4 insertions(+), 2 deletions(-)	---
CVE 2010 3609.patch \| (download)	common/slp_message.c \| 9 9 + 0 - 0 ! 1 file changed, 9 insertions(+)	fix denial of service via circular reference
fix unused library linking.patch \| (download)	configure.in \| 16 9 + 7 - 0 ! 1 file changed, 9 insertions(+), 7 deletions(-)	fix unused library linking Make the libcrypto conditional on slpv2security, so that we can avoid a Build-Conflicts against libssl-dev. And switch library checks to use the more correct AC_SEARCH_LIBS checks instead of AC_CHECK_LIB for all libraries.
fix typo.patch \| (download)	slpd/slpd_cmdline.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	fix typo in slptool command output
fix automake cond spelling.patch \| (download)	slpd/slpd_log.c \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	fix typo in automake conditional
CVE 2012 4428.patch \| (download)	common/slp_compare.c \| 33 12 + 21 - 0 ! 1 file changed, 12 insertions(+), 21 deletions(-)	fix out-of-bounds buffer access (cve-2012-4428) Fix handling of string-list in common/slp_common.c by not increasing the item pointer past the string-list pointer, and letting '\\' only escape the item separator ','.
CVE 2015 5177.patch \| (download)	slpd/slpd_knownda.c \| 12 6 + 6 - 0 ! 1 file changed, 6 insertions(+), 6 deletions(-)	fix double free in slpdprocessmessage() (cve-2015-5177)

Patch	File delta	Description
01_have_net_if_arp.diff \| (download)	common/slp_dhcp.c \| 4 3 + 1 - 0 ! configure.in \| 2 1 + 1 - 0 ! 2 files changed, 4 insertions(+), 2 deletions(-)	---
CVE 2010 3609.patch \| (download)	common/slp_message.c \| 9 9 + 0 - 0 ! 1 file changed, 9 insertions(+)	fix denial of service via circular reference
fix unused library linking.patch \| (download)	configure.in \| 16 9 + 7 - 0 ! 1 file changed, 9 insertions(+), 7 deletions(-)	fix unused library linking Make the libcrypto conditional on slpv2security, so that we can avoid a Build-Conflicts against libssl-dev. And switch library checks to use the more correct AC_SEARCH_LIBS checks instead of AC_CHECK_LIB for all libraries.
fix typo.patch \| (download)	slpd/slpd_cmdline.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	fix typo in slptool command output
fix automake cond spelling.patch \| (download)	slpd/slpd_log.c \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	fix typo in automake conditional
CVE 2012 4428.patch \| (download)	common/slp_compare.c \| 33 12 + 21 - 0 ! 1 file changed, 12 insertions(+), 21 deletions(-)	fix out-of-bounds buffer access (cve-2012-4428) Fix handling of string-list in common/slp_common.c by not increasing the item pointer past the string-list pointer, and letting '\\' only escape the item separator ','.
CVE 2015 5177.patch \| (download)	slpd/slpd_knownda.c \| 12 6 + 6 - 0 ! 1 file changed, 6 insertions(+), 6 deletions(-)	fix double free in slpdprocessmessage() (cve-2015-5177)