Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
307f10ae by Salvatore Bonaccorso at 2021-07-22T13:46:14+02:00
Make note indentation more compatible with merge-cve-files
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4257,9 +4257,9 @@ CVE-2021-3618
NOTE: Generic TLS protocol issue, some applications have released
mitigations:
NOTE: nginx: http://hg.nginx.org/nginx/rev/ec1071830799
NOTE: vsftpd: https://security.appspot.com/vsftpd/Changelog.txt (3.0.4)
- NOTE: * Close the control connection after 10 unknown commands
pre-login.
- NOTE: * Reject any TLS ALPN advertisement that's not 'ftp'.
- NOTE: * Add ssl_sni_hostname option to require a match on incoming
SNI hostname.
+ NOTE: * Close the control connection after 10 unknown commands
pre-login.
+ NOTE: * Reject any TLS ALPN advertisement that's not 'ftp'.
+ NOTE: * Add ssl_sni_hostname option to require a match on incoming SNI
hostname.
NOTE: sendmail: Fixed in 3.16.1:
https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
NOTE: exim4 has config option:
https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
CVE-2021-3617
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/307f10ae207590a51066ed28653b633c314c87e1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/307f10ae207590a51066ed28653b633c314c87e1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
