subject:"\[Bug 1462311\] Re\: proftpd mod_copy issue \(CVE\-2015\-3306\)"

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-07 Thread Tyler Hicks

** Changed in: proftpd-dfsg (Ubuntu)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-07 Thread Launchpad Bug Tracker

This bug was fixed in the package proftpd-dfsg - 1.3.4a-1ubuntu0.1

---
proftpd-dfsg (1.3.4a-1ubuntu0.1) precise-security; urgency=low

  * SECURITY UPDATE: The mod_copy module in ProFTPD 1.3.4a allows remote
attackers to read and write to arbitrary files via the site cpfr and
site cpto commands. (LP: #1462311)
- debian/patches/CVE-2015-3306.patch: adjust contrib/mod_copy.c to
  check authentication status. Based on upstream patch.
- CVE-2015-3306

 -- Brian Morton   Sat, 4 Dec 2016 15:16:02 -0500

** Changed in: proftpd-dfsg (Ubuntu Precise)
   Status: Confirmed => Fix Released

** Changed in: proftpd-dfsg (Ubuntu Trusty)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-07 Thread Launchpad Bug Tracker

This bug was fixed in the package proftpd-dfsg - 1.3.5~rc3-2.1ubuntu2.1

---
proftpd-dfsg (1.3.5~rc3-2.1ubuntu2.1) trusty-security; urgency=low

  * SECURITY UPDATE: The mod_copy module in ProFTPD 1.3.5 allows remote
attackers to read and write to arbitrary files via the site cpfr and
site cpto commands. (LP: #1462311)
- debian/patches/CVE-2015-3306.patch: adjust contrib/mod_copy.c to
  check authentication status. Based on upstream patch.
- CVE-2015-3306

 -- Brian Morton   Sat, 4 Dec 2016 15:34:12 -0500

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-07 Thread Tyler Hicks

** Changed in: proftpd-dfsg (Ubuntu Precise)
   Status: In Progress => Confirmed

** Changed in: proftpd-dfsg (Ubuntu Trusty)
   Status: In Progress => Confirmed

** Changed in: proftpd-dfsg (Ubuntu Precise)
 Assignee: Tyler Hicks (tyhicks) => (unassigned)

** Changed in: proftpd-dfsg (Ubuntu Trusty)
 Assignee: Tyler Hicks (tyhicks) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-07 Thread Tyler Hicks

Hi Brian - Thanks for the debdiffs and your work to improve the security
of Ubuntu. :)

During my review of the debdiffs, I noticed a few minor issues:

1) I had to run the debdiffs through dos2unix to make the patch utility happy
2) I had to add a single newline to the end of the debdiffs to make the patch 
utility happy
3) I adjusted the precise version from 1.3.4a-2 to 1.3.4a-1ubuntu0.1, as 
documented in 
https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging

As mentioned, these were minor issues and everything else looked good to
me.

As for the backport, I think it was probably a good idea that you left
out the configuration changes. It would have been better if the testing
changes could have been included (assuming that the tests are run at
build time, I haven't checked) but the patch is simple enough that I
have confidence that it is correct.

Thanks again. I'll be uploading these changes soon.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-07 Thread Tyler Hicks

** Also affects: proftpd-dfsg (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: proftpd-dfsg (Ubuntu Precise)
   Importance: Undecided
   Status: New

** Changed in: proftpd-dfsg (Ubuntu Precise)
   Status: New => In Progress

** Changed in: proftpd-dfsg (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: proftpd-dfsg (Ubuntu Precise)
 Assignee: (unassigned) => Tyler Hicks (tyhicks)

** Changed in: proftpd-dfsg (Ubuntu Trusty)
   Status: New => In Progress

** Changed in: proftpd-dfsg (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: proftpd-dfsg (Ubuntu Trusty)
 Assignee: (unassigned) => Tyler Hicks (tyhicks)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-05 Thread Mathew Hodson

** Changed in: proftpd-dfsg (Ubuntu)
   Importance: Undecided => Medium

** Tags removed: cve-2015-3306

** Tags added: precise trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-04 Thread Brian Morton

Adding reworked patch for trusty that fixes an API issue with returning
the error code/message and is more minimal and appropriate for a
backported fix.

** Patch removed: "Debdiff of upstream patch for precise"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787127/+files/proftpd-dfsg_1.3.4a-2.debdiff

** Patch removed: "Upstream patch applied for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787121/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu2.1.debdiff

** Patch added: "Debdiff of upstream patch for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787404/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu2.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-04 Thread Brian Morton

Adding reworked patch for precise that fixes an API issue with returning
the error code/message and is more minimal and appropriate for a
backported fix.

** Patch added: "Debdiff of upstream patch for precise"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787405/+files/proftpd-dfsg_1.3.4a-2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-03 Thread Ubuntu Foundations Team Bug Bot

The attachment "Upstream patch applied for trusty" seems to be a
debdiff.  The ubuntu-sponsors team has been subscribed to the bug report
so that they can review and hopefully sponsor the debdiff.  If the
attachment isn't a patch, please remove the "patch" flag from the
attachment, remove the "patch" tag, and if you are member of the
~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issue please contact him.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-03 Thread Brian Morton

Attaching debdiff of upstream patch for precise. Tested in same manner
as trusty.

** Patch added: "Debdiff of upstream patch for precise"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787127/+files/proftpd-dfsg_1.3.4a-2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-12-03 Thread Brian Morton

Attaching debdiff of upstream patch for trusty package. Precise is also
vulnerable, so I will mark that as well while I work on that next.

My primary test before/after patch:

220 ProFTPD 1.3.5rc3 Server (Debian) [:::10.129.53.2]
USER bmorton
331 Password required for bmorton
PASS ***
230 User bmorton logged in
site cpfr /etc/passwd
350 File or directory exists, ready for destination name
site cpto /tmp/passwd.copy
250 Copy successful

220 ProFTPD 1.3.5rc3 Server (Debian) [:::10.129.53.2]
site cpfr /etc/passwd
Connection closed by foreign host.

** Patch added: "Upstream patch applied for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787121/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu2.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-05-20 Thread TomaszChmielewski

I think backporting a package from 16.04 should be enough?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-05-02 Thread Seth Arnold

Thomasz, are you able to provide updates? See
https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation for some
information on preparing updates.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-05-02 Thread cd311

** Changed in: proftpd-dfsg (Ubuntu)
   Status: Incomplete => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-05-01 Thread TomaszChmielewski

Any update on these? I'm seeing ubuntu 14.04 servers hacked regularly
because of this vulnerability.

Upstream released the fix a year ago or so already!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2016-04-21 Thread Mingye Wang

** Description changed:

  The CVE-2015-3306 problem is arround for some time now and is not fixed in 
12.04 and 14.04 LTS versions.
  http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-3306.html
  
  I also tested it with telnet.
  I can copy files without any authentication if mod_copy is enabled (mod_copy 
is per default enabled!)
  The module is very usefull. I would be happy if I can re enable it on my 
servers.
  
- 
  Debian and other distributions have already fix this in their systems.
  http://bugs.proftpd.org/show_bug.cgi?id=4169
  https://security-tracker.debian.org/tracker/CVE-2015-3306
+ https://www.debian.org/security/2015/dsa-3263
  
  Is there a special reason why this still not fixed on the LTS versions
  of Ubuntu?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-12-17 Thread RedShift

Need help on this one?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-12-14 Thread Seth Arnold

Anton, are you able to provide updates? See
https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation for some
information on preparing updates.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-12-14 Thread Anton Statutov

This has not been fixed in 14.04 LTS. Came here after discovering
hacking attempts. Sadly.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-09-08 Thread BlueT - Matthew Lien - 練喆明

Has this been released to 14.04 LTS?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-07-09 Thread Roman Plessl

** Bug watch added: ProFTPD Bugzilla #4169
   http://bugs.proftpd.org/show_bug.cgi?id=4169

** Also affects: proftpd-dfsg via
   http://bugs.proftpd.org/show_bug.cgi?id=4169
   Importance: Unknown
   Status: Unknown

** No longer affects: proftpd-dfsg

** Also affects: proftpd-dfsg via
   http://bugs.proftpd.org/show_bug.cgi?id=4169
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-07-09 Thread Bug Watch Updater

** Changed in: proftpd-dfsg
   Status: Unknown = Fix Released

** Changed in: proftpd-dfsg
   Importance: Unknown = Critical

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-06-30 Thread Tyler Hicks

Hi ft - unfortunately, there are no usable debdiffs in the tar file that
you uploaded. Instructions on the security update packaging process can
be found here:

  https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Packaging

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-06-08 Thread ft

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-3306

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-06-08 Thread ft

This is a little bit high for me.
I downloaded the debian/ubuntu pakages and created debdiffs (debdiff debian 
ubuntu)
I hope this helps somehow.

The pakages and the diffs are in the attachment.

** Attachment added: proftpd-basic_debdiff.tar.gz
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4411451/+files/proftpd-basic_debdiff.tar.gz

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

2015-06-05 Thread Tyler Hicks

Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Changed in: proftpd-dfsg (Ubuntu)
   Status: New = Incomplete

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

27 matches

Site Navigation

Mail list logo

Footer information