Ubuntu
proftpd-dfsg package

proftpd-dfsg 1.3.2e-4ubuntu0.1 source package in Ubuntu

Changelog

proftpd-dfsg (1.3.2e-4ubuntu0.1) maverick-security; urgency=low

  * SECURITY UPDATE: Telnet IAC processing stack overflow.
     This vulnerability allows remote attackers to execute arbitrary code on
     vulnerable installations of ProFTPD. Authentication is not required to
     exploit this vulnerability.
     (LP: #674646)
     - debian/patches/3521.patch: adjust src/netio.c to check buflen properly.
     - http://bugs.proftpd.org/attachment.cgi?id=3521
     - CVE-2010-4221
   * SECURITY UPDATE: Inappropriate directory traversal allowed by
     mod_site_misc. This vulnerability can be used to:
      - create a directory located outside the writable directory
      - delete a directory located outside the writable directory
      - create a symlink located outside the writable directory
      - change the time of a file located outside the writable directory.
    (LP: #674798)
     - debian/patches/CVE_2010_3867.dpatch: based on debian 3519.dpatch
       backported to v1.3.2
     - http://bugs.proftpd.org/attachment.cgi?id=3519
     - CVE-2010-3867
   * Thanks to Neil Wilson <email address hidden> for backporting patches
 -- Steve Beattie <email address hidden>   Wed, 17 Nov 2010 16:02:50 -0800

Upload details

Uploaded by:
Steve Beattie
Uploaded to:
Maverick
Original maintainer:
MOTU
Architectures:
any
Section:
net
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
proftpd-dfsg_1.3.2e.orig.tar.gz 2.9 MiB d6bbb8ec74ded5888e45b164b27bcf9c4e9715159520fd5655992f3896788d41
proftpd-dfsg_1.3.2e-4ubuntu0.1.diff.gz 106.3 KiB 6da7863ea7b2c3cd639bd0ba6366b3cde80ea63e8ee4469e7e2368668b10df97
proftpd-dfsg_1.3.2e-4ubuntu0.1.dsc 2.1 KiB 270183fe0290d62b5d2d0bc41b7e7501d3126c6ab8936255c749b49e52d6735f

View changes file

Binary packages built by this source

proftpd-basic: No summary available for proftpd-basic in ubuntu maverick.

No description available for proftpd-basic in ubuntu maverick.

proftpd-dev: No summary available for proftpd-dev in ubuntu maverick.

No description available for proftpd-dev in ubuntu maverick.

proftpd-doc: No summary available for proftpd-doc in ubuntu maverick.

No description available for proftpd-doc in ubuntu maverick.

proftpd-mod-ldap: No summary available for proftpd-mod-ldap in ubuntu maverick.

No description available for proftpd-mod-ldap in ubuntu maverick.

proftpd-mod-mysql: No summary available for proftpd-mod-mysql in ubuntu maverick.

No description available for proftpd-mod-mysql in ubuntu maverick.

proftpd-mod-odbc: No summary available for proftpd-mod-odbc in ubuntu maverick.

No description available for proftpd-mod-odbc in ubuntu maverick.

proftpd-mod-pgsql: No summary available for proftpd-mod-pgsql in ubuntu maverick.

No description available for proftpd-mod-pgsql in ubuntu maverick.

proftpd-mod-sqlite: No summary available for proftpd-mod-sqlite in ubuntu maverick.

No description available for proftpd-mod-sqlite in ubuntu maverick.