[Secure-testing-commits] r40323 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 11 17:57:33 UTC 2016
Author: carnil
Date: 2016-03-11 17:57:33 +0000 (Fri, 11 Mar 2016)
New Revision: 40323
Modified:
data/CVE/list
Log:
Add three proftpd-dfsg issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-11 17:52:55 UTC (rev 40322)
+++ data/CVE/list 2016-03-11 17:57:33 UTC (rev 40323)
@@ -1,3 +1,18 @@
+CVE-2016-XXXX [An invalid off by one read can happen in the function pr_fs_dircat()]
+ - proftpd-dfsg <unfixed>
+ NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4194
+ NOTE: https://github.com/proftpd/proftpd/commit/f99ef850a05f46c56be8deae97e59efa50575e69
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/11/12
+CVE-2016-XXXX [An invalid off by one read can happen in the string handling function pr_ascii_ftp_to_crlf()]
+ - proftpd-dfsg <unfixed>
+ NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4195
+ NOTE: https://github.com/proftpd/proftpd/pull/145
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/11/12
+CVE-2016-XXXX [A missing null termination of a string causes an out of bounds memory read in a test]
+ - proftpd-dfsg <unfixed> (unimportant)
+ NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4193
+ NOTE: https://github.com/proftpd/proftpd/commit/d9f9d469ce1da09c7935f509797d488fa2d08697
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/11/12
CVE-2016-3125 [TLSDHParamFile directive ignored]
- proftpd-dfsg <unfixed>
NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4230
More information about the Secure-testing-commits
mailing list