[Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream tag reference for proftpd commit

Wed, 20 Dec 2023 02:32:25 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cdc8d6f0 by Salvatore Bonaccorso at 2023-12-20T11:30:30+01:00
Add upstream tag reference for proftpd commit

- - - - -
3773bab3 by Salvatore Bonaccorso at 2023-12-20T11:31:48+01:00
Add proftpd-mod-proxy for CVE-2023-48795

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -496,6 +496,7 @@ CVE-2023-48795 (The SSH transport protocol with certain 
OpenSSH extensions, foun
        - paramiko <unfixed> (bug #1059006)
        - putty 0.80-1
        - proftpd-dfsg <unfixed>
+       - proftpd-mod-proxy <unfixed>
        - python-asyncssh <unfixed> (bug #1059007)
        - tinyssh <unfixed> (bug #1059058)
        NOTE: https://terrapin-attack.com/
@@ -529,7 +530,8 @@ CVE-2023-48795 (The SSH transport protocol with certain 
OpenSSH extensions, foun
        NOTE: asyncssh: 
https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55
        NOTE: asyncssh: 
https://github.com/ronf/asyncssh/commit/0bc73254f41acb140187e0c89606311f88de5b7b
 (v2.14.2)
        NOTE: proftpd: https://github.com/proftpd/proftpd/issues/1760
-       NOTE: proftpd: 
https://github.com/proftpd/proftpd/commit/7fba68ebb3ded3047a35aa639e115eba7d585682
+       NOTE: proftpd: 
https://github.com/proftpd/proftpd/commit/7fba68ebb3ded3047a35aa639e115eba7d585682
 (v1.3.9rc2)
+       NOTE: proftpd-mod-proxy: 
https://github.com/Castaglia/proftpd-mod_proxy/issues/257
 CVE-2023-41314 (The api /api/snapshot and /api/get_log_file would allow 
unauthenticate ...)
        NOT-FOR-US: Apache Doris
 CVE-2023-6909 (Path Traversal: '\..\filename' in GitHub repository 
mlflow/mlflow prio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8d4c6857bd91d6aa858af3cffca4f1c660aae4f7...3773bab37d31a3af4603c8e2a0041ed5fe8886ed

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8d4c6857bd91d6aa858af3cffca4f1c660aae4f7...3773bab37d31a3af4603c8e2a0041ed5fe8886ed
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to