Description of problem: note taken from US-CERT.gov website: "Multiple vulnerabilities have been announced in libupnp, the open source portable SDK for UPnP devices. Libupnp is employed by hundreds of vendors for UPnP-enabled devices. Information is also available in CERT Vulnerability Note VU#922681. US-CERT recommends that affected UPnP device vendors and developers obtain and employ libupnp version 1.6.18, which addresses these vulnerabilities. US-CERT recommends that users and administrators review CERT Vulnerability Note VU#922681, disable UPnP (if possible), and restrict access to SSDP (1900/udp) and Simple Object Access Protocol (SOAP) services from untrusted networks such as the Internet." source: http://www.us-cert.gov/current/#cert_releases_upnp_security_advisory So, libupnp needs to be updated to the latest version (1.6.18) Version-Release number of selected component (if applicable): 1.6.17 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
*** This bug has been marked as a duplicate of bug 905577 ***