Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: 326b5db2 by Chris Lamb at 2020-03-27T09:28:39+00:00 Update notes regarding CVE-2020-10188 in netkit-telnet and netkit-telnet-ssl. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -2001,6 +2001,7 @@ CVE-2020-10188 (utility.c in telnetd in netkit telnet through 0.17 allows remote - netkit-telnet <unfixed> (bug #953477) - netkit-telnet-ssl <unfixed> (bug #953478) NOTE: https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html + NOTE: https://github.com/marado/netkit-telnet-ssl/issues/5 TODO: check further details CVE-2019-20503 (usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_address ...) {DSA-4645-1 DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1} ===================================== data/dla-needed.txt ===================================== @@ -52,10 +52,12 @@ mumble (Abhijith PA) netkit-telnet NOTE: 20200310: No patch available, yet. Only PoC. (sunweaver) NOTE: 20200320: Upstream's dead, keep an eye on other distros and krb5-appl (embed). (beuc) + NOTE: 20200327: Pinged issue on the ~new upstream. (lamby) -- netkit-telnet-ssl NOTE: 20200310: No patch available, yet. Only PoC. (sunweaver) NOTE: 20200320: Upstream's dead, keep an eye on other distros and krb5-appl (embed). (beuc) + NOTE: 20200327: Pinged issue on the ~new upstream. (lamby) -- nss (Thorsten Alteholz) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/326b5db2a068cc9b1890a16c49e5dd6284e6e42d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/326b5db2a068cc9b1890a16c49e5dd6284e6e42d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits