Huch - Ist die nicht schon etwas älter? Am 15.11.2011 um 23:32 schrieb Kai Moritz:
> Eingespielt... > > Am 15.11.2011 21:39, schrieb Florian Weimer: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> - ------------------------------------------------------------------------- >> Debian Security Advisory DSA-2346-1 [email protected] >> http://www.debian.org/security/ Florian Weimer >> November 15, 2011 http://www.debian.org/security/faq >> - ------------------------------------------------------------------------- >> >> Package : proftpd-dfsg >> Vulnerability : several >> Problem type : remote >> Debian-specific: no >> CVE ID : CVE-2011-4130 >> Debian Bug : 648373 >> >> Several vulnerabilities were discovered in ProFTPD, an FTP server: >> >> ProFTPD incorrectly uses data from an unencrypted input buffer >> after encryption has been enabled with STARTTLS, an issue >> similar to CVE-2011-0411. >> >> CVE-2011-4130 >> ProFTPD uses a response pool after freeing it under >> exceptional conditions, possibly leading to remote code >> execution. (The version in lenny is not affected by this >> problem.) >> >> For the oldstable distribution (lenny), this problem has been fixed in >> version 1.3.1-17lenny8. >> >> For the stable distribution (squeeze), this problem has been fixed in >> version 1.3.3a-6squeeze4. >> >> For the testing distribution (wheezy) and the unstable distribution >> (sid), this problem has been fixed in version 1.3.4~rc3-2. >> >> We recommend that you upgrade your proftpd-dfsg packages. >> >> Further information about Debian Security Advisories, how to apply >> these updates to your system and frequently asked questions can be >> found at: http://www.debian.org/security/ >> >> Mailing list: [email protected] >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.9 (GNU/Linux) >> >> iQEcBAEBAgAGBQJOwtBGAAoJEL97/wQC1SS+qHcIALRWXUJlJ6Ufbh4DP1+ibjwW >> lyJmGf+XKWCYT65jYjXzC+zDzjAGHvkwy1Vqwl7y7SD38h5/bYlr4O2n5BdwdPYA >> N5rcdFtse8XXGGBrN8x4OjSgmson2gWy8cxCG3cgtLa3+815frrDc9PlZYM+wsIK >> yfY4xEIV2cisJdy9wpOTLZJvAt6Hv2lp7vGEBM21wAbkxl5/anLvsij2E1FBNSNp >> 2fUxT4kAl7p39rL8103rCL/D0TreP62n5wuILGuikxdW8/c1ZRG9aaBWMRraUZ6V >> UWYRPdjD+kjVidzukxYRLrf/VN7RmsqKsQNz5fez+pRRRfjoCdmVzSLGvSNs5C4= >> =YlU+ >> -----END PGP SIGNATURE----- >> >> > > > -- > > Kai Moritz > Leiter Entwicklung > > Telefon: 0234/7090883 > Mobil: 0176/20504747 > > E-Mail: [email protected] > > coolibri, Magazin-Online-App > Events, Trends und Reportagen für die Rhein-Ruhr-Region > > Deutschlands meistgelesene Stadtillustrierte (AWA 2010) > > www.coolibri.de > www.facebook.com/coolibrimagazin > http://twitter.com/coolibri > > coolibri iPhone-App > > coolibri ist Medienpartner der Ruhrtriennale > coolibri ist Mediennpartner des Altstadtherbst Kulturfestivals > > > Roland Scherer Verlags- und Werbeservice GmbH > Ehrenfeldstr. 34 > 44789 Bochum > ---------------------------------------------------------- > Sitz der Gesellschaft: Bochum > Registergericht: Amtsgericht Bochum HRB 3259 > Geschäftsführer: Roland Scherer > > > -- > To UNSUBSCRIBE, email to [email protected] > with a subject of "unsubscribe". Trouble? Contact [email protected] > Archive: http://lists.debian.org/[email protected] > -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
