[Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa, proftpd-dfsg memory leak issue from 2019. Upload is pending.

Markus Koschany apo at debian.org
Sat Aug 22 17:10:38 BST 2020 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b276b174 by Markus Koschany at 2020-08-22T18:09:01+02:00
Remove no-dsa, proftpd-dfsg memory leak issue from 2019. Upload is pending.

- - - - -
e5a2965a by Markus Koschany at 2020-08-22T18:10:26+02:00
Reserve DLA-2338-1 for proftpd-dfsg

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -89935,7 +89935,6 @@ CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI
 	NOT-FOR-US: JBMC DirectAdmin
 CVE-2019-XXXX [high memory usage with some long running sessions]
 	- proftpd-dfsg 1.3.5d-1 (bug #923926)
-	[stretch] - proftpd-dfsg <ignored> (Minor issue)
 	[jessie] - proftpd-dfsg 1.3.5e-0+deb8u1
 	NOTE: https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713
 	NOTE: https://forum.armbian.com/topic/9692-nanopi-neo-2-memory-leak-in-proftpd-even-worse-if-ssl-encrypted/?do=findComment&comment=73069


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,5 @@
+[22 Aug 2020] DLA-2338-1 proftpd-dfsg - security update
+	[stretch] - proftpd-dfsg 1.3.5e+r1.3.5b-4+deb9u1
 [22 Aug 2020] DLA-2337-1 python2.7 - security update
 	{CVE-2018-20852 CVE-2019-5010 CVE-2019-9636 CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2019-16056 CVE-2019-20907}
 	[stretch] - python2.7 2.7.13-2+deb9u4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f16f1f789acda233b8a9b6b679d82f01115079d0...e5a2965a738b0c0990ccbc8891462e2f8efbd9a8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f16f1f789acda233b8a9b6b679d82f01115079d0...e5a2965a738b0c0990ccbc8891462e2f8efbd9a8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200822/8f979e35/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list