lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: aliz at gentoo.org (Daniel Ahlberg) Subject: GLSA: net-ftp/proftpd (200309-16) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ GENTOO LINUX SECURITY ANNOUNCEMENT 200309-16 - ------------------------------------------------------------------------ PACKAGE : net-ftp/proftpd SUMMARY : ASCII File Remote Compromise Vulnerability DATE : 2003-09-28 00:37 UTC EXPLOIT : remote VERSIONS AFFECTED : <proftpd-1.2.9_rc2 FIXED VERSION : =proftpd-1.2.9_rc2 GENTOO BUG ID : 29452 CVE : none that we are aware of at this time - ------------------------------------------------------------------------ SUMMARY: ISS X-Force discovered a vulnerability that could be triggered when a specially crafted file is uploaded to a proftpd server. Read the full advisory at: http://www.proftpd.org/ SOLUTION: It is recommended that all Gentoo Linux users who are running net-ftp/proftpd upgrade to proftpd-1.29_rc2 as follows emerge sync emerge '>=net-ftp/proftpd-1.2.9_rc2' emerge clean - - - --------------------------------------------------------------------- solar@...too.org aliz@...too.org - GnuPG key is available at http://dev.gentoo.org/~aliz - - - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/eEBbfT7nyhUpoZMRArDnAKCFlLbPmeC/S05/0EG1pqJc9BbClACgjPY6 OintOPB6pXf211OQxsUC7Tg= =+hmK -----END PGP SIGNATURE-----
Powered by blists - more mailing lists