[SECURITY] [DLA 1783-1] atftp security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1783-1] atftp security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 12 May 2019 23:10:54 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.20.1905122309590.30272@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : atftp
Version        : 0.7.git20120829-1+deb8u1
CVE ID         : CVE-2019-11365 CVE-2019-11366

Denis Andzakovic discovered two vulnerabilities in atftp, the advancedTFTP server which could result in denial of service by sending malformedpackets.



For Debian 8 "Jessie", these problems have been fixed in version
0.7.git20120829-1+deb8u1.

We recommend that you upgrade your atftp packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlzYi95fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEelYBAApHku8cx2I8iVMXWQ8l45G1SVM1e0zCL0BknXQ+qcyPoBnogg8czuMVa3
my0gJfY4zWpZyLM86jI7+Tyr4kuhyjcKk9jTrVsmGfnQRYhPiCyVnrlwLLmb1Mpi
PuUfzqRJZWyKFdOYhPfB8hA0pW0A76wVRzvxj+up0rspWxDYbzf/vNM/T/ghswuX
YNVyjFI3XUMVVfz6T+BUsUXrUJV8NzvXnTxz8r9pNRFNSAEgLXLZFxH2tw9s3ETm
bTe8Xw/viUQ66/SYjUIN7DPrCHbYXw05pNBwS8zj0wz3pWXa/DFGSILr48Qjkid/
JgWD+zR39vB+YJ/HfvzxlNkq1BPRFJRvzcZP6XbZcQ4Cz8/ZE7V0QrfDHYHQ6H0O
GfVoooi+WXwPftnQSXR4FGzx+pSHyWsWWj5gnm4QL7kf/VtUJnTrIhCU3Oqruy13
RcDsLBfHqBJVeey6EU9HK21gl/GwQOLsHQKDc/Jy+EPWiB0rPar1WdFDXiXrD2HV
lCAP0JXCKr8589b9jlKqoppPI4yVVqPXGkrTrXHhJ+qNVsUeq3ZW78fvzTfOVqbf
e+FMZNgWGXSpQERzn4Zp5t2cKl64X5DXEMEtBgHud46EXPTcZJ0jBhxtmAPDw+kq
8f0znDIqsEWsWt/A8YxWZlT9ZGaqOjQihHriWK/ZgMxjHUNXCJ4=
=9sdT
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1782-1] openjdk-7 security update
Next by Date: [SECURITY] [DLA 1784-1] postgresql-9.4 new minor release
Previous by thread: [SECURITY] [DLA 1782-1] openjdk-7 security update
Next by thread: [SECURITY] [DLA 1784-1] postgresql-9.4 new minor release
Index(es):
- Date
- Thread