CVE-2023-48795 proftp* & Debian stable
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 2 08:54:44 GMT 2024
Hi Hilmar,
On Mon, Jan 01, 2024 at 10:24:10PM +0100, Hilmar Preuße wrote:
> On 23.12.23 01:03, Preuße, Hilmar wrote:
>
> Hi all,
>
> Happy new year!
And the same to you!
> > I've fixed CVE-2023-48795 for proftp in Debian unstable. As soon as
> > "#1059179: transition: proftpd-dfsg" is addressed, the fix will enter
> > testing.
> >
> > Now about bookworm: I've added the patch to the appropriate branches on
> > salsa and can at least confirm that package building still works using
> > an sbuilder and upstreams test suite runs fine for proftp (core). For
> > proftpd-mod-proxy package building works on sbuild.
> >
> I've added the patch for CVE-2023-51713 to bookworm branch, this would be
> part of a potential 12u3 upload.
>
> https://security-tracker.debian.org/tracker/CVE-2023-51713
Sounds good, thank you!
Regards,
Salvatore
> Hilmar
> --
> Testmail
Testmail back ;-)
More information about the Pkg-proftpd-maintainers
mailing list