[Secure-testing-team] CVE-2007-2165 proftpd
Francesco P. Lovergine
frankie at debian.org
Tue Jul 10 09:50:11 UTC 2007
Hi folks
it's time to migrate my patch for
http://bugs.proftpd.org/show_bug.cgi?id=2922
to etch. It is currently fixed in testing/sid by my auth_cache.dpatch
patch. I consider it now sufficiently safe for etch use. It is
currently recognized as a security issue with medium impact.
Unfortunately it impacts since ages, so it is a valid issue also for sarge.
AFAIK auth_cache.dpatch should apply clean onto etch version, if
you had issues with I can help. If you prefer having a patched
source for etch I can also provide it.
I don't know if the issue is already known and fixed by other distros.
Cheers
--
Francesco P. Lovergine
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070710/664f8988/attachment.pgp
More information about the Secure-testing-team
mailing list