1) CVE-2019-11365 Description: "An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this vulnerable strncpy pattern within the code base, specifically within tftpd_file.c, tftp_file.c, tftpd_mtftp.c, and tftp_mtftp.c. " Patch (in 0.7.2): https://sourceforge.net/p/atftp/code/ci/abed7d245d8e8bdfeab24f9f7f55a52c3140f96b/ 2) CVE-2019-11366 Description: "An issue was discovered in atftpd in atftp 0.7.1. It does not lock the thread_list_mutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If thread_data is NULL when assigned to current, and modified by another thread before a certain tftpd_list.c check, there is a crash when dereferencing current->next." Patch (in 0.7.2): https://sourceforge.net/p/atftp/code/ci/382f76a90b44f81fec00e2f609a94def4a5d3580/
Arches, please stabilize =net-ftp/atftp-0.7.2
An automated check of this bug failed - the following atom is unknown: net-ftp/atftp-0.7.2 Please verify the atom list.
(In reply to Stabilization helper bot from comment #2) > An automated check of this bug failed - the following atom is unknown: > > net-ftp/atftp-0.7.2 > > Please verify the atom list. Correction: net-ftp/atftp-0.7.2-r1
amd64 stable
x86 stable
ppc64 stable
ppc stable
arm stable. Maintainer(s), please cleanup.
Removed old version and associated files.
New GLSA request filed.
This issue was resolved and addressed in GLSA 202003-14 at https://security.gentoo.org/glsa/202003-14 by GLSA coordinator Thomas Deutschmann (whissi).