Package: proftpd-dfsg Severity: important Tags: security upstream Hi,
the following vulnerability was published for proftpd-dfsg. CVE-2013-4359[0]: mod_sftp/mod_sftp_pam invalid pool allocation during kbdint authentication If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. As far I can read in references however, keyboard interactive authentication is rare as not enabled by default. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4359 http://security-tracker.debian.org/tracker/CVE-2013-4359 [1] http://marc.info/?l=oss-security&m=137914240227778&w=2 Please adjust the affected versions in the BTS as needed. Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
