Debian Security Advisory

DLA-949-1 miniupnpc -- LTS security update

Date Reported:
22 May 2017
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2017-8798.
More information:

It was discovered that there was a integer signedness error in the miniupnpc UPnP client that could allow remote attackers to cause a denial of service attack.

For Debian 7 Wheezy, this issue has been fixed in miniupnpc version 1.5-2+deb7u2.

We recommend that you upgrade your miniupnpc packages.