Important: GSSDP 1.0.4, GSSDP 1.2.3, GUPnP 1.0.5 and GUPnP 1.2.3 released
- From: Jens Georg <mail jensge org>
- To: gupnp-list <gupnp-list gnome org>, gnome-announce-list <gnome-announce-list gnome org>
- Cc: distributor-list <distributor-list gnome org>
- Subject: Important: GSSDP 1.0.4, GSSDP 1.2.3, GUPnP 1.0.5 and GUPnP 1.2.3 released
- Date: Tue, 23 Jun 2020 09:09:53 +0200
Hello everyone,
I have released new versions of GUPnP. The main "feature" of this
release is the implementation of the UDA 2.0 spec addendum from
2020/04/17 which restricts notifications registered with SUBSCRIBE to
the subnet of the server. For this reason, a new GSSDP version is
required to provide the required information.
This is a reaction to CVE-2020-12695 (https://www.callstranger.com/)
Other changes are listed below:
GSSDP 1.0.4:
============
- Set the correct multicast source interface on the correct socket
- Add gssdp_client_get_address_mask
Bugs fixed in this release:
- https://gitlab.gnome.org/GNOME/gssdp/issues/4
All contributors to this release:
- Jens Georg <mail jensge org>
GSSDP 1.2.3:
============
- Prevent crash if client is not initialized
- Fix critical if network device does not exists
- Fix ::1 multicast
- client. Add getter for network mask
Bugs fixed in this release:
- https://gitlab.gnome.org/GNOME/gssdp/issues/5
- https://gitlab.gnome.org/GNOME/gssdp/issues/6
All contributors to this release:
- Jens Georg <mail jensge org>
GUPnP 1.0.5:
============
- Attention! Version requirement change: Requires GSSDP 1.0.4
- Fix an issue with if.h redefinition
- Fix introspection annotation for introspection callback
- Add mitigation for CVE-CVE-2020-12695 (CallStranger)
- Implement UDA 2.0 April 17 2020 addendum (CallStranger prevention)
Bugs fixed in this release:
- https://gitlab.gnome.org/GNOME/gupnp/issues/16
All contributors to this release:
- Jens Georg <mail jensge org>
- soiamsoNG <83182235 qq com>
- Fabrice Fontaine <fontaine fabrice gmail com>
GUPnP 1.2.3:
============
- Attention: Requires GSSDP 1.2.3!
- Always build the gupnp-binding-tool manpage
- Fix meson build on Windows
- Fix context creation for tests across different platforms
- Fix static linking issue caused by libguul subproject
- Add mitigations for CVE-2020-12695 (CallStranger)
- Implement UDA 2.0 April 17 2020 Addendum (Partial fix for CVE-2020-
12695)
Bugs fixed in this release:
- https://gitlab.gnome.org/GNOME/gupnp/issues/15
- https://gitlab.gnome.org/GNOME/gupnp/issues/16
All contributors to this release:
- Jens Georg <mail jensge org>
- soiamsoNG <83182235 qq com>
- Peter Seiderer <ps report gmx net>
- Jan-Michael Brummer <jan brummer tabos org>
- Mart Raudsepp <leio gentoo org>
[Date Prev][Date Next] [Thread Prev][Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
