Ubuntu
proftpd-dfsg package

proftpd-dfsg 1.3.2c-1ubuntu0.1 source package in Ubuntu

Changelog

proftpd-dfsg (1.3.2c-1ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: Telnet IAC processing stack overflow.
     This vulnerability allows remote attackers to execute arbitrary code on
     vulnerable installations of ProFTPD. Authentication is not required to
     exploit this vulnerability.
     (LP: #674646)
     - debian/patches/3521.patch: adjust src/netio.c to check buflen properly.
     - http://bugs.proftpd.org/attachment.cgi?id=3521
     - CVE-2010-4221
   * SECURITY UPDATE: Inappropriate directory traversal allowed by
     mod_site_misc. This vulnerability can be used to:
      - create a directory located outside the writable directory
      - delete a directory located outside the writable directory
      - create a symlink located outside the writable directory
      - change the time of a file located outside the writable directory.
    (LP: #674798)
     - debian/patches/CVE_2010_3867.dpatch: based on debian 3519.dpatch
       backported to v1.3.2
     - http://bugs.proftpd.org/attachment.cgi?id=3519
     - CVE-2010-3867
 -- Neil Wilson <email address hidden>   Sat, 13 Nov 2010 11:51:28 +0000

Upload details

Uploaded by:
Neil Wilson
Sponsored by:
Steve Beattie
Uploaded to:
Lucid
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
net
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
proftpd-dfsg_1.3.2c.orig.tar.gz 2.9 MiB 78bb96ed1127e4fcd9275612e80b8c60c65516d16f9738f19053390096717d9c
proftpd-dfsg_1.3.2c-1ubuntu0.1.diff.gz 94.4 KiB 33e62a86d28e3e1024ae52d3bf7393f9e760fe12b5cf887c60055d56d70132f2
proftpd-dfsg_1.3.2c-1ubuntu0.1.dsc 2.1 KiB ca6950903954254a60bc688a13bb31d5f96285f0845dfb35bccead2a441490ec

View changes file

Binary packages built by this source

proftpd-basic: No summary available for proftpd-basic in ubuntu lucid.

No description available for proftpd-basic in ubuntu lucid.

proftpd-dev: No summary available for proftpd-dev in ubuntu lucid.

No description available for proftpd-dev in ubuntu lucid.

proftpd-doc: No summary available for proftpd-doc in ubuntu lucid.

No description available for proftpd-doc in ubuntu lucid.

proftpd-mod-ldap: No summary available for proftpd-mod-ldap in ubuntu lucid.

No description available for proftpd-mod-ldap in ubuntu lucid.

proftpd-mod-mysql: No summary available for proftpd-mod-mysql in ubuntu lucid.

No description available for proftpd-mod-mysql in ubuntu lucid.

proftpd-mod-odbc: No summary available for proftpd-mod-odbc in ubuntu lucid.

No description available for proftpd-mod-odbc in ubuntu lucid.

proftpd-mod-pgsql: No summary available for proftpd-mod-pgsql in ubuntu lucid.

No description available for proftpd-mod-pgsql in ubuntu lucid.

proftpd-mod-sqlite: No summary available for proftpd-mod-sqlite in ubuntu lucid.

No description available for proftpd-mod-sqlite in ubuntu lucid.