Bug#782781: No security fix yet

Mario Lipinski mario.lipinski at iserv.eu
Tue May 19 06:33:08 UTC 2015


Dear proftpd maintainers,

following a recent press release [1], exploits [2] for this bug [3] 
exist and the bug seems to be unfixed in the currently supported 
oldstable and stable releases [4]. What about considering a security 
release or updating the security-tracker information?

[1] 
http://www.heise.de/newsticker/meldung/Angreifer-nutzen-kritische-Luecke-in-ProFTPD-aus-2652114.html 
(German)
[2] https://github.com/nootropics/propane
[3] http://bugs.proftpd.org/show_bug.cgi?id=4169
[4] https://security-tracker.debian.org/tracker/CVE-2015-3306

-- 
Mit freundlichen Grüßen,
Mario Lipinski

IServ GmbH
Bültenweg 73
38106 Braunschweig

Telefon:   0531-2243666-0
Fax:       0531-2243666-9
E-Mail:    info at iserv.eu
Internet:  iserv.eu

USt-IdNr. DE265149425 | Amtsgericht Braunschweig | HRB 201822
Geschäftsführer: Benjamin Heindl, Jörg Ludwig



More information about the Pkg-proftpd-maintainers mailing list