FEDORA-EPEL-2019-72ead04703 created by pghmcfc 8 days ago for Fedora EPEL 7
testing

This update addresses a number of bugs affecting processing of CRLs in mod_tls, including possible null pointer dereferences and missing some checks. Thanks to Lionel Debroux for reporting them.

This update has been submitted for testing by pghmcfc.

8 days ago

This update's test gating status has been changed to 'waiting'.

8 days ago

This update's test gating status has been changed to 'ignored'.

8 days ago

pghmcfc edited this update.

8 days ago

pghmcfc edited this update.

8 days ago

pghmcfc edited this update.

8 days ago

This update has been pushed to testing.

8 days ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
2
Stable by Time
14 days
Dates
submitted
8 days ago
in testing
8 days ago
days to stable
6
modified
8 days ago
BZ#1777975 CVE-2019-19269 proftpd: NULL pointer dereference when validating the certificate of a client connecting to the server
0
0
BZ#1777978 CVE-2019-19269 proftpd: NULL pointer dereference when validating the certificate of a client connecting to the server [epel-7]
0
0
BZ#1778222 CVE-2019-19272 proftpd: NULL pointer dereference in tls_verify_crl when validating the certificate of a client
0
0
BZ#1778226 CVE-2019-19272 proftpd: NULL pointer dereference in tls_verify_crl when validating the certificate of a client [epel-all]
0
0
BZ#1778231 CVE-2019-19271 proftpd: A wrong iteration variable, used when checking a client certificate against CRL entries, can cause some CRL entries to be ignored
0
0
BZ#1778233 CVE-2019-19271 proftpd: A wrong iteration variable, used when checking a client certificate against CRL entries, can cause some CRL entries to be ignored [epel-all]
0
0
BZ#1778258 CVE-2019-19270 proftpd: failure to check for the appropriate field of a CRL entry prevents some valid CRLs from being taken into account
0
0
BZ#1778261 CVE-2019-19270 proftpd: failure to check for the appropriate field of a CRL entry prevents some valid CRLs from being taken into account [epel-all]
0
0

Automated Test Results