Package: proftpd-basic Version: 1.3.3a-4 Severity: grave Tags: security patch Justification: security hole
According to http://bugs.proftpd.org/show_bug.cgi?id=3521 and http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3c, there is a remote code execution vulnerability in proftpd since version 1.3.2rc3, which was fixed in 1.3.3c. A patch fixing only this vulnerability is available from the mentioned bug report page. (http://bugs.proftpd.org/attachment.cgi?id=3436) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
