-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4438-1 security@xxxxxxxxxx https://www.debian.org/security/ Salvatore Bonaccorso May 07, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : atftp CVE ID : CVE-2019-11365 CVE-2019-11366 Debian Bug : 927553 Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets. For the stable distribution (stretch), these problems have been fixed in version 0.7.git20120829-3.1~deb9u1. We recommend that you upgrade your atftp packages. For the detailed security status of atftp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/atftp Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlzR3plfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QUzQ/+L23mHpE64W7kHpO/IDO42l1Xdg+JajDyfHKk0ObIkETbTdBx3RrRsXCg GBhayk5JhoXeE0w27/vIV2sUi9n1mdyptpVia45XRoBQPCBg7kYctWmI3N4gIRLb SY9EJnyTCJEOeEqbSUuOFJ0BinNqFjj5Mr+miCE2TbzHaSluo9EYC+JrEvljgBSU eolYt60R6Li3LXQlA53QhcVUOSR4G3Dg3RPGNSizq4AmTVGCM4YX0h3mvO5B6e1N wb9+XELHPEIIb6cRAClKwZagpvCcETxaKObgwVdNir96ChJXoG+WIsLqqGGRKhjT 733PHtveVXPo6RDVAUeybQ64bexq4vhznbR7U3X2Uvbbxxw+vN68rdCKAKBiqEK1 Ei9xflVwC1pBN3awyfNPC9AzWzDXUZZmy+wGw73ItWcpT/4GM+BLl9sYFqNmU71g dRKVtUUkoTjIcr5xXhNNu/x2ZEi+PifdQVloNEWqaJJ9WmY7flpXEhzCo4JKKLNe pC6jZKB6I4oAqQzgPBu0zQSHuwYl5kjG7XIq5ysclWIyDLUv4/365n871MLyMDwN cFrI+uFKgeZhR88x/RRLp+3co6nDx7y6TgLZQ1ZiH4oZQMV9AOJaUOTBpJY/GBlr qCJvKn3+wNinPwrmFeJ6Q1fyGXWpLu6QwmRYCInafPEJhdOVX/o= =cSGs -----END PGP SIGNATURE-----