Bug#951800: CVE-2020-9273: buster affected
Hilmar Preusse
hille42 at web.de
Fri Feb 21 21:07:42 GMT 2020
Package: proftpd-basic
Version: 1.3.6-4+deb10u3
Severity: important
Tags: upstream
This is to track CVE-2020-9273.
I'm not 100% sure if jessie is affected too. At least the
CVE does not report it.
Hilmar
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 5.4.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages proftpd-basic depends on:
ii adduser 3.118
ii debianutils 4.9.1
ii libacl1 2.2.53-5
ii libc6 2.29-10
ii libcap2 1:2.32-1
ii libcrypt1 1:4.4.10-10
ii libhiredis0.14 0.14.0-6
ii libmemcached11 1.0.18-4.2
ii libmemcachedutil2 1.0.18-4.2
ii libncursesw6 6.1+20191019-1
ii libpam-runtime 1.3.1-5
ii libpam0g 1.3.1-5
ii libpcre3 2:8.39-12+b1
ii libssl1.1 1.1.1d-2
ii libtinfo6 6.1+20191019-1
ii libwrap0 7.6.q-30
ii lsb-base 11.1.0
ii netbase 6.1
ii sed 4.7-1
ii ucf 3.0038+nmu1
ii zlib1g 1:1.2.11.dfsg-1.2
Versions of packages proftpd-basic recommends:
pn proftpd-doc <none>
Versions of packages proftpd-basic suggests:
ii openbsd-inetd [inet-superserver] 0.20160825-4+b1
ii openssl 1.1.1d-2
pn proftpd-mod-geoip <none>
pn proftpd-mod-ldap <none>
pn proftpd-mod-mysql <none>
pn proftpd-mod-odbc <none>
pn proftpd-mod-pgsql <none>
pn proftpd-mod-snmp <none>
pn proftpd-mod-sqlite <none>
-- debconf information:
* shared/proftpd/inetd_or_standalone: from inetd
More information about the Pkg-proftpd-maintainers
mailing list