-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2338-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Markus Koschany August 22, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : proftpd-dfsg Version : 1.3.5e+r1.3.5b-4+deb9u1 CVE ID : not available Debian Bug : 923926 Several memory leaks were discovered in proftpd-dfsg, a versatile, virtual-hosting FTP daemon, when mod_facl or mod_sftp is used which could lead to memory exhaustion and a denial-of-service. The update also makes automatic upgrades of proftpd-dfsg from Debian 8 to Debian 9 possible again. For Debian 9 stretch, this problem has been fixed in version 1.3.5e+r1.3.5b-4+deb9u1. We recommend that you upgrade your proftpd-dfsg packages. For the detailed security status of proftpd-dfsg please refer to its security tracker page at: https://security-tracker.debian.org/tracker/proftpd-dfsg Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl9BWRZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeT9hQ/8CGEFs3OEHCP1o6IkgcVE3UFf9hZYl5czxD0vwoADrpASsCmmUozKKp4D 3SnkZ5/8jJiY1OFVHNhyfv7bzSn3BIo4pwuNCrBN1NV6ZgJoejrliMn3zuWx4SWz gWSWk34dZkk0CwwlTkBVwTMHehuq+rlntW5eMgxuMzJTxpe5DzvR46RBoNdeuc73 xohTEmbz9BI8SbmYovTwMy0qZHrBEbK53aPlDNxv/gLEaXKpK87gQVrKXNJ0yN98 zm6q4gIviHHo6oR3v08fS/QbdgRXWhDOTcTSKoj9H00v4RV1h3GcjA6HMIildQMc fXbkxHJznEd1YfNdWZgxWUqpuNAdxwSkfMQwByrK+NbExN+RSv0qgJEz1z9DOTi9 9/zUQkr9gRjV3YshnUw7vJju4RMzqY2NfPkX/8+r8yxnXDYXEoh89T/is0BW8ESV UQfTz9xTMSh9B3CYJPh2WvfWoPOj4eLi3i/rleMDiXK2mOzcmivQ8lmK/Obh0C7n 6I5lNgRo4e1JMFWI2oBJdDLqj2brc464gxUjWtKdX/2VGML0h+DXg9vPKzKjo0Qx 2BUY43VKVon1gU46PV0hfsQ5pKomcx/szDUGlaiWbGj2Wr90wFPw58GaIjmxeBrU Zu1bnkbFgkl52lHDIiE6oKyRzakGHKfV9yBJKLZ3tno9ClH/R+8= =vDLP -----END PGP SIGNATURE-----