Bug#952557: proftpd-dfsg: Followup fix for CVE-2020-9273
Hi Hilmar, On Wed, Mar 04, 2020 at 09:09:30PM +0100, Hilmar Preuße wrote: > found -1 1.3.5b-4+deb9u3 > found -1 1.3.6-4+deb10u3 > > On 2/25/20 8:39 PM, Salvatore Bonaccorso wrote: > > > As per https://github.com/proftpd/proftpd/issues/903 there was a > > follow-up fix for upstream issue #903, CVE-2020-9273. > > > Found in stable and oldstable too. Actually not, because we never released a fix for #903 which was incomplete. The update issued contained both commits needed. Regards, Salvatore
Bug#952557: proftpd-dfsg: Followup fix for CVE-2020-9273
found -1 1.3.5b-4+deb9u3 found -1 1.3.6-4+deb10u3 On 2/25/20 8:39 PM, Salvatore Bonaccorso wrote: > As per https://github.com/proftpd/proftpd/issues/903 there was a > follow-up fix for upstream issue #903, CVE-2020-9273. > Found in stable and oldstable too. H. -- sigfault #206401 http://counter.li.org signature.asc Description: OpenPGP digital signature
Bug#952557: proftpd-dfsg: Followup fix for CVE-2020-9273
Source: proftpd-dfsg Version: 1.3.6c-1 Severity: important Tags: upstream Hi As per https://github.com/proftpd/proftpd/issues/903 there was a follow-up fix for upstream issue #903, CVE-2020-9273. See: https://github.com/proftpd/proftpd/commit/f8047a1ed0e0eb15193f555c4cbbb281e705c5c3 (master) https://github.com/proftpd/proftpd/commit/cd9036f4ef7a05c107f0ffcb19a018b20267c531 (1.3.6 branch) Regards, Salvatore