oss-sec mailing list archives

DNS rebinding vulnerability in npupnp


From: Gabriel Corona <gabriel.corona () enst-bretagne fr>
Date: Tue, 20 Apr 2021 09:54:56 +0200

The server part of npupnp, a library used to implement UPnP clients and
servers, is vulnerable to DNS rebinding attacks.

Impact: A remote web server can exploit this vulnerability to trick the
user's browser into triggering actions on the local UPnP services
implemented using this library.

This is fixed in v4.1.4.

https://framagit.org/medoc92/npupnp
https://www.lesbonscomptes.com/upmpdcli/npupnp-doc/libnpupnp.html

A CVE has been requested.
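
Added example, not part of the original post and not npupnp's own code: a common server-side defence against DNS rebinding is to refuse any HTTP request whose Host header is not an IP address literal. The function name `host_header_is_ip_literal` and the sample values are hypothetical, and nothing here is claimed to match the change made in v4.1.4.

```cpp
// Host-header check against DNS rebinding (illustrative; not npupnp's code).
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string>

// Returns true when s is a non-empty decimal port in 1..65535.
static bool valid_port(const std::string& s) {
    if (s.empty() || s.size() > 5) return false;
    int port = 0;
    for (char c : s) {
        if (c < '0' || c > '9') return false;
        port = port * 10 + (c - '0');
    }
    return port >= 1 && port <= 65535;
}

// Accepts only "a.b.c.d", "a.b.c.d:port", "[v6]" or "[v6]:port".
// Any DNS name is refused: a rebinding page reaches the local service
// through a name chosen by the remote site, and the browser sends that
// name in the Host header.
bool host_header_is_ip_literal(const std::string& host) {
    std::string addr, port;
    bool has_port = false;
    if (!host.empty() && host[0] == '[') {
        // Bracketed IPv6 literal, optionally followed by ":port".
        auto close = host.find(']');
        if (close == std::string::npos) return false;
        addr = host.substr(1, close - 1);
        std::string rest = host.substr(close + 1);
        if (!rest.empty()) {
            if (rest[0] != ':') return false;
            has_port = true;
            port = rest.substr(1);
        }
        in6_addr a6;
        if (inet_pton(AF_INET6, addr.c_str(), &a6) != 1) return false;
    } else {
        // IPv4 dotted quad, optionally followed by ":port".
        auto colon = host.find(':');
        addr = host.substr(0, colon);
        if (colon != std::string::npos) {
            has_port = true;
            port = host.substr(colon + 1);
        }
        in_addr a4;
        if (inet_pton(AF_INET, addr.c_str(), &a4) != 1) return false;
    }
    return !has_port || valid_port(port);
}
```

A server applying this check would answer a rejected request with an error status before dispatching any UPnP action.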

