Control: tags -1 + confirmed On Tue, 2019-12-10 at 23:48 +0100, Hilmar Preusse wrote: > te attached debdiff fixes the issues > > #946345 proftpd-dfsg: CVE-2019-19269 > #946346 proftpd-dfsg: CVE-2019-19270 > > ...for Debian buster. I built/installed the package an Debian stable > and could login into the server and transfer file.
+proftpd-dfsg (1.3.6-4+deb10u3) buster-security; urgency=medium No "-security" for p-u, please. + * Cherry pick patch from upstream: + - for upstream 861 (CVE-2019-19269) (Closes: #946345) + - for upstream 859 (CVE-2019-19270) (Closes: #946346) + upstream_pull_859_861_CVE-2019-19270_CVE-2019-19269 Please go ahead. Regards, Adam
