Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted atftp 0.7.git20120829-3.1~deb9u2 (source amd64) into oldoldstable
Date: Tue, 16 Nov 2021 22:50:13 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 16 Nov 2021 23:02:02 +0100
Source: atftp
Binary: atftp atftpd
Architecture: source amd64
Version: 0.7.git20120829-3.1~deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Ludovic Drolez <ldrolez@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 atftp      - advanced TFTP client
 atftpd     - advanced TFTP server
Changes:
 atftp (0.7.git20120829-3.1~deb9u2) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2020-6097
     By sending a special crafted sequence of RRQ-multicast request,
     an attacker could trigger a denial-of-service.
   * CVE-2021-41054
     When sending a crafted combination of TFTP options to the server, an
     attacker could trigger a denial-of-service due to a buffer overflow.
Checksums-Sha1:
 2f7d3ef1b4a96496d2f019699f870e810d48d8f7 1987 atftp_0.7.git20120829-3.1~deb9u2.dsc
 6db7891546a5e19add6390c33ce82d2b1596c5ac 90982 atftp_0.7.git20120829.orig.tar.gz
 57e23deb22fc17a80fa3b763b2ed6918f7cf0a30 38948 atftp_0.7.git20120829-3.1~deb9u2.diff.gz
 d779c9e8351e2aaa5d7370b0c22f8d41fc5e7a3b 59498 atftp-dbgsym_0.7.git20120829-3.1~deb9u2_amd64.deb
 45a884fa15adba52ebf52079890035dbc622383e 7266 atftp_0.7.git20120829-3.1~deb9u2_amd64.buildinfo
 e318cf2d78f38037a8f01efd55cecf8e54207910 37222 atftp_0.7.git20120829-3.1~deb9u2_amd64.deb
 718431f6d5983123e8e0c05e3139fc889e4c16aa 71838 atftpd-dbgsym_0.7.git20120829-3.1~deb9u2_amd64.deb
 6802dc0e648ed1e9920c89101abd2adb1c28f4d1 68290 atftpd_0.7.git20120829-3.1~deb9u2_amd64.deb
Checksums-Sha256:
 f35c81023b0096bca7a5f0e4a2d89d05d9d2126b8979b005a44b0e8081774146 1987 atftp_0.7.git20120829-3.1~deb9u2.dsc
 d93a302ead76a0629feb061768df4393f9da02e3ffbf25eb10d281082ecf02d0 90982 atftp_0.7.git20120829.orig.tar.gz
 0f2606e0275a4dee7e225436fa1d22585e761ed6f9f97f8f327273926c75f047 38948 atftp_0.7.git20120829-3.1~deb9u2.diff.gz
 e28019085289607f6e23fab0adbc66c3bb77f61d2d8c400c159f39a787de163c 59498 atftp-dbgsym_0.7.git20120829-3.1~deb9u2_amd64.deb
 9cb1835204ca10da91425575f058551deb4bf1acc147aad53060d553fc3aab80 7266 atftp_0.7.git20120829-3.1~deb9u2_amd64.buildinfo
 74d6f292d4bd4826766e2a7ed0d63ccc226714b537645410460c199cbfbce3d8 37222 atftp_0.7.git20120829-3.1~deb9u2_amd64.deb
 642f0a3fddf406291121106e3e5993d74f11938c15f6715fe10be93ded01ebd1 71838 atftpd-dbgsym_0.7.git20120829-3.1~deb9u2_amd64.deb
 f3bffbe15516a6bcc301ac7b59f2fd10e99cf8d1fa0b597e16a79f2e904fa049 68290 atftpd_0.7.git20120829-3.1~deb9u2_amd64.deb
Files:
 fdb221ac0adae6d7417b57974e00d6da 1987 net extra atftp_0.7.git20120829-3.1~deb9u2.dsc
 f0cf6eb9e38cd7c789c0f953f20e1b69 90982 net extra atftp_0.7.git20120829.orig.tar.gz
 2523bdd47be1d98a0979412c727bebe6 38948 net extra atftp_0.7.git20120829-3.1~deb9u2.diff.gz
 440446aa1e11bb634bb7f9f36e549247 59498 debug extra atftp-dbgsym_0.7.git20120829-3.1~deb9u2_amd64.deb
 62b92bdf66ccc17ac134e2c377b690ff 7266 net extra atftp_0.7.git20120829-3.1~deb9u2_amd64.buildinfo
 70480950f90272ce7ac29ea1d82a07e0 37222 net extra atftp_0.7.git20120829-3.1~deb9u2_amd64.deb
 169fb04a13713f7c7cfd80f5397d3e5b 71838 debug extra atftpd-dbgsym_0.7.git20120829-3.1~deb9u2_amd64.deb
 3e0a4426d52385650969c1d7807187ac 68290 net extra atftpd_0.7.git20120829-3.1~deb9u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmGUMohfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR5sbD/0fkuycJwuF2KZSnaI/ZxxPGFcLLJD4
UHE9+GqlPFwqpuJ29IGgjhd35J5etKGmVPtQrS+QRl1kxK32yQDELUVuTl62ZKSZ
zGRFj0N382MveKMH4LcakuETgAN4/6LFHhuRBhGKkWOZZOFXkZC8uRUbM5jiT8vI
x2rij5N2HAYeMZpeSJsmqA1Rx/XpXQGej16U57S0gDpVLfEXA7ctIvdV5RfiRxjr
pEwHlhMmDBhI/5qnHOs4uULx79iVK9EwZge+9EJcNRd7o46TOxf5NN8HCOVErANL
hu5X+bFwTVDJ6rrbyvdRUIZFxsE4sNWYsKzPfq+jPsJADyEBDql+LJX8Y2upsriu
/zfxxwufpzZzRwRVyNvW6Oe9kmqfdRrSbYplBpbcB02j7dlAZJLTFZ6emKJQX5PD
mzX2GLi92G06S1QcRlFIHPAztsasHDAf+8AzoQIEs1qCKQoLIg+pX6prq5TMnWIf
lXJEl1+f6prm1Ir4jEAX6eEAPJfycLrxqkD2URbK3I5aqqNg0fj7BcaQwPlLuc9i
ShZE9QmXOmyYtKrB4VWQovPo0HW5PefiV3aIOK3iLAPwlMarB7+vZ1i9IfpVQIhK
TrrwdpeJKLg/qBlH6zt8a+uJl+nzgmDE/50NiyFho7PzZF6/3cucbMQ1Yd2llCYZ
VkwvQGuSyOAi1g==
=z8vJ
-----END PGP SIGNATURE-----
News for package atftp
