[Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream tag reference for proftpd commit

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 20 10:32:18 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cdc8d6f0 by Salvatore Bonaccorso at 2023-12-20T11:30:30+01:00
Add upstream tag reference for proftpd commit

- - - - -
3773bab3 by Salvatore Bonaccorso at 2023-12-20T11:31:48+01:00
Add proftpd-mod-proxy for CVE-2023-48795

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -496,6 +496,7 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun
 	- paramiko <unfixed> (bug #1059006)
 	- putty 0.80-1
 	- proftpd-dfsg <unfixed>
+	- proftpd-mod-proxy <unfixed>
 	- python-asyncssh <unfixed> (bug #1059007)
 	- tinyssh <unfixed> (bug #1059058)
 	NOTE: https://terrapin-attack.com/
@@ -529,7 +530,8 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun
 	NOTE: asyncssh: https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55
 	NOTE: asyncssh: https://github.com/ronf/asyncssh/commit/0bc73254f41acb140187e0c89606311f88de5b7b (v2.14.2)
 	NOTE: proftpd: https://github.com/proftpd/proftpd/issues/1760
-	NOTE: proftpd: https://github.com/proftpd/proftpd/commit/7fba68ebb3ded3047a35aa639e115eba7d585682
+	NOTE: proftpd: https://github.com/proftpd/proftpd/commit/7fba68ebb3ded3047a35aa639e115eba7d585682 (v1.3.9rc2)
+	NOTE: proftpd-mod-proxy: https://github.com/Castaglia/proftpd-mod_proxy/issues/257
 CVE-2023-41314 (The api /api/snapshot and /api/get_log_file would allow unauthenticate ...)
 	NOT-FOR-US: Apache Doris
 CVE-2023-6909 (Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8d4c6857bd91d6aa858af3cffca4f1c660aae4f7...3773bab37d31a3af4603c8e2a0041ed5fe8886ed

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8d4c6857bd91d6aa858af3cffca4f1c660aae4f7...3773bab37d31a3af4603c8e2a0041ed5fe8886ed
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231220/a15b9e7c/attachment.htm>

More information about the debian-security-tracker-commits mailing list