ELA-517-1 atftp security update

denial-of-service due to crafted requests

2021-11-17
Packageatftp
Version0.7.git20120829-1+deb8u2
Related CVEs CVE-2020-6097 CVE-2021-41054


Two issues have been found in atftp, an advanced TFTP client. Both are related to sending crafted requests to the server and triggering a denial-of-service due to for example a buffer overflow.



For Debian 8 jessie, these problems have been fixed in version 0.7.git20120829-1+deb8u2.

We recommend that you upgrade your atftp packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.