[Git][security-tracker-team/security-tracker][master] Mark open proftpd-issues as fixed in 1.3.5e-0+deb8u1

Markus Koschany apo at debian.org
Tue Apr 9 00:51:49 BST 2019 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8f4cc1e by Markus Koschany at 2019-04-08T23:51:22Z
Mark open proftpd-issues as fixed in 1.3.5e-0+deb8u1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4035,6 +4035,7 @@ CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI
 CVE-2019-XXXX [high memory usage with some long running sessions]
 	- proftpd-dfsg 1.3.5d-1 (bug #923926)
 	[stretch] - proftpd-dfsg <no-dsa> (Minor issue)
+	[jessie] - proftpd-dfsg 1.3.5e-0+deb8u1
 	NOTE: https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713
 	NOTE: https://forum.armbian.com/topic/9692-nanopi-neo-2-memory-leak-in-proftpd-even-worse-if-ssl-encrypted/?do=findComment&comment=73069
 CVE-2019-9624 (Webmin 1.900 allows remote attackers to execute arbitrary code by leve ...)
@@ -165553,7 +165554,7 @@ CVE-2015-8377 (SQL injection vulnerability in the host_new_graphs_save function
 	NOTE: http://seclists.org/fulldisclosure/2015/Dec/att-57/cacti_sqli%281%29.txt
 CVE-2015-XXXX [Avoid unbounded SFTP extended attribute key/values]
 	- proftpd-dfsg 1.3.5b-1
-	[jessie] - proftpd-dfsg <no-dsa> (Minor issue; can be fixed in point release)
+	[jessie] - proftpd-dfsg 1.3.5e-0+deb8u1
 	[wheezy] - proftpd-dfsg <no-dsa> (Minor issue; can be fixed in point release)
 	[squeeze] - proftpd-dfsg <not-affected> (Vulnerable code not present)
 	NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4210



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8f4cc1eb14efa3f0ec48e3f6bdbc75c6ac408ca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8f4cc1eb14efa3f0ec48e3f6bdbc75c6ac408ca
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190408/e367888e/attachment.html>

More information about the debian-security-tracker-commits mailing list