[Secure-testing-commits] r40323 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Mar 11 17:57:33 UTC 2016


Author: carnil
Date: 2016-03-11 17:57:33 +0000 (Fri, 11 Mar 2016)
New Revision: 40323

Modified:
   data/CVE/list
Log:
Add three proftpd-dfsg issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-11 17:52:55 UTC (rev 40322)
+++ data/CVE/list	2016-03-11 17:57:33 UTC (rev 40323)
@@ -1,3 +1,18 @@
+CVE-2016-XXXX [An invalid off by one read can happen in the function pr_fs_dircat()]
+	- proftpd-dfsg <unfixed>
+	NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4194
+	NOTE: https://github.com/proftpd/proftpd/commit/f99ef850a05f46c56be8deae97e59efa50575e69
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/11/12
+CVE-2016-XXXX [An invalid off by one read can happen in the string handling function pr_ascii_ftp_to_crlf()]
+	- proftpd-dfsg <unfixed>
+	NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4195
+	NOTE: https://github.com/proftpd/proftpd/pull/145
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/11/12
+CVE-2016-XXXX [A missing null termination of a string causes an out of bounds memory read in a test]
+	- proftpd-dfsg <unfixed> (unimportant)
+	NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4193
+	NOTE: https://github.com/proftpd/proftpd/commit/d9f9d469ce1da09c7935f509797d488fa2d08697
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/11/12
 CVE-2016-3125 [TLSDHParamFile directive ignored]
 	- proftpd-dfsg <unfixed>
 	NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4230




More information about the Secure-testing-commits mailing list