doc: Fill in details about miniupnp CVE-2017-8798

laanwj · laanwj · commit 7a643511b474 · 2017-06-07T13:06:11.000+02:00
diff --git a/doc/release-notes.md b/doc/release-notes.md
@@ -33,7 +33,17 @@ Notable changes
 miniupnp CVE-2017-8798
 ----------------------------
 
-[todo]
+Bundled miniupnpc was updated to 2.0.20170509. This fixes an integer signedness error
+(present in MiniUPnPc v1.4.20101221 through v2.0) that allows remote attackers
+(within the LAN) to cause a denial of service or possibly have unspecified
+other impact.
+
+This only affects users that have explicitly enabled UPnP through the GUI
+setting or through the `-upnp` option, as since the last UPnP vulnerability
+(in Bitcoin Core 0.10.3) it has been disabled by default.
+
+If you use this option, it is recommended to upgrade to this version as soon as
+possible.
 
 0.14.2 Change log
 =================
@@ -48,10 +58,10 @@ git merge commit are mentioned.
 
 ### P2P protocol and network code
 - #10424 `37a8fc5` Populate services in GetLocalAddress (morcos)
-- #10441 `9e3ad50` net: only enforce expected services for half of outgoing connections (theuni)
+- #10441 `9e3ad50` Only enforce expected services for half of outgoing connections (theuni)
 
 ### Build system
-- #10414 `ffb0c4b` [depends] miniupnpc 2.0.20170509 (fanquake)
+- #10414 `ffb0c4b` miniupnpc 2.0.20170509 (fanquake)
 - #10228 `ae479bc` Regenerate bitcoin-config.h as necessary (theuni)
 
 ### Miscellaneous
