From f714623962b4b96f7599ff555083fd0974ab2765a19d57112b366b7835527961 Mon Sep 17 00:00:00 2001 From: Christian Wittmer Date: Wed, 3 Jan 2024 14:53:23 +0000 Subject: [PATCH 1/2] Accepting request 1136553 from home:computersalat:devel:network Update changes file about missing CVE infos OBS-URL: https://build.opensuse.org/request/show/1136553 OBS-URL: https://build.opensuse.org/package/show/network/proftpd?expand=0&rev=99 --- proftpd.changes | 11 +++++++++++ proftpd.spec | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/proftpd.changes b/proftpd.changes index 73dd5e1..2ce4e09 100644 --- a/proftpd.changes +++ b/proftpd.changes @@ -1,7 +1,15 @@ +------------------------------------------------------------------- +Wed Jan 3 14:44:02 UTC 2024 - chris@computersalat.de + +- Update changes file + * add missing boo#1218144 (CVE-2023-48795) info + * add missing CVE-2023-51713 info + ------------------------------------------------------------------- Wed Dec 27 21:52:11 UTC 2023 - chris@computersalat.de - 1.3.8a - Released 19-Dec-2023 + fix for boo#1218144 (CVE-2023-48795) * http://proftpd.org/docs/NEWS-1.3.8b * Implemented mitigations for "Terrapin" SSH attack (CVE-2023-48795). - rebase patch @@ -11,6 +19,9 @@ Wed Dec 27 21:52:11 UTC 2023 - chris@computersalat.de Thu Nov 2 16:24:34 UTC 2023 - chris@computersalat.de - 1.3.8a - Released 08-Oct-2023 + fix for boo#1218344 (CVE-2023-51713): + gh#1683 - Out-of-bounds buffer read when handling FTP commands. + https://github.com/proftpd/proftpd/issues/1683 * http://proftpd.org/docs/NEWS-1.3.8a * Fixed builds when using OpenSSL 3.x diff --git a/proftpd.spec b/proftpd.spec index b55a439..a813f0c 100644 --- a/proftpd.spec +++ b/proftpd.spec @@ -1,7 +1,7 @@ # # spec file for package proftpd # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed From 6334db80d66bb0970fdb3511d91deebb20caa9a492ec366ed128034611a49b49 Mon Sep 17 00:00:00 2001 From: Christian Wittmer Date: Wed, 3 Jan 2024 14:59:03 +0000 Subject: [PATCH 2/2] Accepting request 1136556 from home:computersalat:devel:network fix typo in Release version OBS-URL: https://build.opensuse.org/request/show/1136556 OBS-URL: https://build.opensuse.org/package/show/network/proftpd?expand=0&rev=100 --- proftpd.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proftpd.changes b/proftpd.changes index 2ce4e09..4eb009a 100644 --- a/proftpd.changes +++ b/proftpd.changes @@ -8,7 +8,7 @@ Wed Jan 3 14:44:02 UTC 2024 - chris@computersalat.de ------------------------------------------------------------------- Wed Dec 27 21:52:11 UTC 2023 - chris@computersalat.de -- 1.3.8a - Released 19-Dec-2023 +- 1.3.8b - Released 19-Dec-2023 fix for boo#1218144 (CVE-2023-48795) * http://proftpd.org/docs/NEWS-1.3.8b * Implemented mitigations for "Terrapin" SSH attack (CVE-2023-48795).