Control: retitle -1 tnftp: CVE-2014-8517: ftp(1) can be made execute arbitrary commands by malicious webserver
Hi, On Tue, Oct 28, 2014 at 11:15:44PM +0100, Moritz Muehlenhoff wrote: > Package: tnftp > Severity: grave > Tags: security > > Please see http://www.openwall.com/lists/oss-security/2014/10/28/4 > No CVE ID has been assigned yet. This doesn't warrant a DSA, but > you could fix it up in a point release. In meanwhile a CVE is assigned: CVE-2014-8517, could you please reference it when you fix this issue. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
