Package: proftpd
Version: 1.2.10-17
Severity: critical
Justification: root security hole
In the most recent (1.2.10-17) version of proftpd, the permissions used
by the daemon are somehome mixed up: both anonymous and authenticated
connections are mapped to uid 0/gid 0 in the filesystem. New files
On Sat, Jun 25, 2005 at 12:14:34AM +0200, Michael Bergbauer wrote:
> Package: proftpd
> Version: 1.2.10-17
> Severity: critical
> Justification: root security hole
> This bug was not reproducable on 1.2.10-16, I had to install 1.2.10-17.
> The config file wasn't touched during the update to -17.
T
tags 315687 sid
thanks
On Sat, Jun 25, 2005 at 12:14:34AM +0200, Michael Bergbauer wrote:
> Package: proftpd
> Version: 1.2.10-17
> Severity: critical
> Justification: root security hole
>
> In the most recent (1.2.10-17) version of proftpd, the permissions used
> by the daemon are somehome mixed
On Sat, Jun 25, 2005 at 12:09:31AM -0400, Justin Pryzby wrote:
> On Sat, Jun 25, 2005 at 12:14:34AM +0200, Michael Bergbauer wrote:
> > Package: proftpd
> > Version: 1.2.10-17
> > Severity: critical
> > Justification: root security hole
>
> > This bug was not reproducable on 1.2.10-16, I had to in
tags 315687 pending
thanks
Ok, Murphy's law in action...
Feel free to use my repos:
http://people.debian.org/debian/sarge/ ./
http://people.debian.org/debian/sid/ ./
ftp-master is moving so no new uploads until again available.
--
Francesco P. Lovergine
--
To UNSUBSCRIBE, email to [EMAIL PR
5 matches
Mail list logo
