[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2820-1] atftp security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2820-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
November 17, 2021                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : atftp
Version        : 0.7.git20120829-3.1~deb9u2
CVE ID         : CVE-2020-6097 CVE-2021-41054


Two issues have been found in atftp, an advanced TFTP client.
Both are related to sending crafted requests to the server and triggering a denial-of-service due to for example a buffer overflow.


For Debian 9 stretch, these problems have been fixed in version
0.7.git20120829-3.1~deb9u2.

We recommend that you upgrade your atftp packages.

For the detailed security status of atftp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/atftp

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmGUTMdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcVaRAAw4n7+OF+JlIEVXjS+5NX4D72hdHw/3UyY+sg66GW9y4UOh5kEQiZCN04
MjRz8NJXURqWo52pPNbUTANGa5OEnXfA83NIimpQoDyq65w7CvJ6zfB4SO6sgn5v
mPmT7dq0GT5yvLjHC3KE/qFekoBXDxDyjzg5dBCOgTX5M0ebpiPza/VSkJWrKLQp
Hnkt4YmQ0GBNE2mS50nPisiwAL4HaY6oJkRSaFtgIbmMbsi6LwWW15Q4hner4fBp
ST+GG9PWQ173RRNyPrbrtq2L2oXSAfswonsqvW7SBWoQ1JT4JSXxGMwpouVyhSyj
zjylyl9Ax1srOzVEUoz5OEFQJ+fnb6NldflSohqfn8Jt3KvDIDlEVDA0WoPqwe9R
fE9ikXyZ5gN/nxSHo6946yVQiHIcnVz1/+kgiulDmdGCISYaPi24YnpfcwFx625b
f4JTe4Ax33MFjxn5OcoUgRSTZ7IjqSwubO55X423xoAV7AW33je7L1hI46/hytOC
g2nSzvjM8NlpKFr4h461Uz8pKAVOR+PZfsMTom+XRaNnkfKOkzbJJ/D25koE1oek
j0/Wnd//V1BokmzEZLEGfh2/soPG8u62YEKubMSAoHwe4clQ2AWrZs/qiBas7KCR
9xcj5CyzhSmFLWXFflxICZZt7WXQs82XSvIbuIZtAY3OxF4y4Pg=
=s1qg
-----END PGP SIGNATURE-----


Reply to: