[Git][security-tracker-team/security-tracker][master] proftpd CVEs introduced with the OpenSSL 1.1 support in 1.3.5c do not affect jessie or stretch

Adrian Bunk bunk at debian.org
Sat Nov 30 18:19:13 GMT 2019 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7bb97420 by Adrian Bunk at 2019-11-30T17:58:27Z
proftpd CVEs introduced with the OpenSSL 1.1 support in 1.3.5c do not affect jessie or stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -822,16 +822,19 @@ CVE-2015-9537 (The NextGEN Gallery plugin before 2.1.10 for WordPress has multip
 	NOT-FOR-US: NextGEN Gallery plugin for WordPress
 CVE-2019-19272 (An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Dir ...)
 	- proftpd-dfsg 1.3.6-1
-	[stretch] - proftpd-dfsg <no-dsa> (Minor issue)
+	[stretch] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
+	[jessie] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
 	NOTE: https://github.com/proftpd/proftpd/issues/858
 CVE-2019-19271 (An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A w ...)
 	- proftpd-dfsg 1.3.6-1
-	[stretch] - proftpd-dfsg <no-dsa> (Minor issue)
+	[stretch] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
+	[jessie] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
 	NOTE: https://github.com/proftpd/proftpd/issues/860
 CVE-2019-19270 (An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. F ...)
 	- proftpd-dfsg <unfixed>
 	[buster] - proftpd-dfsg <no-dsa> (Minor issue)
-	[stretch] - proftpd-dfsg <no-dsa> (Minor issue)
+	[stretch] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
+	[jessie] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
 	NOTE: https://github.com/proftpd/proftpd/issues/859
 	NOTE: https://github.com/proftpd/proftpd/commit/81cc5dce4fc0285629a1b08a07a109af10c208dd (master)
 	NOTE: https://github.com/proftpd/proftpd/commit/be8e1687819cb665359bd62b4c896ff4b1a09c3f (1.3.6 branch)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7bb974203fc94347abd3d12faa422e09c7e0a94e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7bb974203fc94347abd3d12faa422e09c7e0a94e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191130/477ada61/attachment.html>

More information about the debian-security-tracker-commits mailing list