Mageia 2021-0540: nginx/vsftpd security update
Summary
ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating
Cracks in TLS Authentication
References
- https://bugs.mageia.org/show_bug.cgi?id=29220
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/44SPREQ2R4IE2VUUO2HVCFTUGDCYSXAD/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TKXMYKALTHIBJLDHQPBKNQK2FWVOSIG7/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
Resolution
MGASA-2021-0540 - Updated nginx/vsftpd packages fix security vulnerability
SRPMS
- 8/core/nginx-1.18.0-5.2.mga8
- 8/core/vsftpd-3.0.5-1.mga8