Advisories » MGASA-2021-0540

Updated nginx/vsftpd packages fix security vulnerability

Publication date: 08 Dec 2021
Modification date: 08 Dec 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-3618

Description

ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating
Cracks in TLS Authentication
                

References

• https://bugs.mageia.org/show_bug.cgi?id=29220
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/44SPREQ2R4IE2VUUO2HVCFTUGDCYSXAD/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TKXMYKALTHIBJLDHQPBKNQK2FWVOSIG7/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618

SRPMS

8/core

• nginx-1.18.0-5.2.mga8
• vsftpd-3.0.5-1.mga8