Change log for cfrpki package in Debian
| 1 → 13 of 13 results | First • Previous • Next • Last |
cfrpki (1.5.10-2) unstable; urgency=medium * Re-upload to unstable. -- Marco d'Itri <email address hidden> Sun, 24 Sep 2023 22:22:59 +0200
Available diffs
| Deleted in experimental-release (Reason: None provided.) |
cfrpki (1.5.10-1) experimental; urgency=medium * New upstream release. -- Marco d'Itri <email address hidden> Sat, 29 Apr 2023 18:38:11 +0200
| Superseded in experimental-release |
cfrpki (1.5.5-1) experimental; urgency=medium * New upstream release. -- Marco d'Itri <email address hidden> Fri, 07 Apr 2023 10:25:52 +0200
| Superseded in experimental-release |
cfrpki (1.5.4-1) experimental; urgency=medium * New upstream release. -- Marco d'Itri <email address hidden> Sat, 01 Apr 2023 23:58:34 +0200
| Superseded in experimental-release |
cfrpki (1.5.1-1) experimental; urgency=medium * New upstream release. -- Marco d'Itri <email address hidden> Thu, 30 Mar 2023 03:46:06 +0200
cfrpki (1.4.4-1) unstable; urgency=medium * New upstream release. -- Marco d'Itri <email address hidden> Tue, 25 Oct 2022 02:20:28 +0200
Available diffs
- diff from 1.4.3-1 to 1.4.4-1 (23.1 KiB)
cfrpki (1.4.3-1) unstable; urgency=medium * New upstream release. -- Marco d'Itri <email address hidden> Tue, 17 May 2022 01:59:05 +0200
Available diffs
- diff from 1.4.2-1 to 1.4.3-1 (1.3 KiB)
| Published in bullseye-release |
cfrpki (1.4.2-1~deb11u1) bullseye-security; urgency=high
* Rebuild for bullseye-security. Fixes:
- Certificate chain loop.
- RRDP Gzip bomb (CVE-2021-43174 CVE-2021-3912).
- RRDP Slowloris (CVE-2021-43173 CVE-2021-3909).
- ROA with ASCII NUL char (CVE-2021-3910).
- Malformed ROAs (CVE-2021-3911).
- Repo contains 100GB of trash.
- Dot-dot-slash path traversal (CVE-2021-3907).
- Improper preservation of permissions (CVE-2021-3978).
-- Marco d'Itri <email address hidden> Sun, 26 Dec 2021 14:38:26 +0100
cfrpki (1.4.2-1) unstable; urgency=medium * New upstream release. -- Marco d'Itri <email address hidden> Sun, 28 Nov 2021 00:42:04 +0100
Available diffs
- diff from 1.4.0-1 to 1.4.2-1 (2.0 KiB)
cfrpki (1.4.0-1) unstable; urgency=high * New upstream release. -- Marco d'Itri <email address hidden> Wed, 10 Nov 2021 23:02:55 +0100
Available diffs
- diff from 1.3.0-1 to 1.4.0-1 (68.4 KiB)
cfrpki (1.3.0-1) unstable; urgency=medium
* New upstream release. Fixes:
+ Prevent ROA issuers from making cfrpki emit an invalid VRP
"MaxLength" value, hence causing RTR sessions to terminate.
(CVE-2021-3761, Closes: #994572)
-- Marco d'Itri <email address hidden> Sat, 18 Sep 2021 23:59:55 +0200
Available diffs
- diff from 1.2.2-1 to 1.3.0-1 (1.3 KiB)
cfrpki (1.2.2-1) unstable; urgency=medium * New upstream release. -- Marco d'Itri <email address hidden> Sun, 10 Jan 2021 00:38:17 +0100
Available diffs
cfrpki (1.1.4-3) unstable; urgency=medium * Re-upload to unstable. -- Marco d'Itri <email address hidden> Thu, 23 Apr 2020 14:49:56 +0200
| 1 → 13 of 13 results | First • Previous • Next • Last |
