CVE-2023-48795 proftp* & Debian stable

Salvatore Bonaccorso carnil at debian.org
Tue Jan 2 08:54:44 GMT 2024


Hi Hilmar,

On Mon, Jan 01, 2024 at 10:24:10PM +0100, Hilmar Preuße wrote:
> On 23.12.23 01:03, Preuße, Hilmar wrote:
> 
> Hi all,
> 
> Happy new year!

And the same to you!

> > I've fixed CVE-2023-48795 for proftp in Debian unstable. As soon as
> > "#1059179: transition: proftpd-dfsg" is addressed, the fix will enter
> > testing.
> > 
> > Now about bookworm: I've added the patch to the appropriate branches on
> > salsa and can at least confirm that package building still works using
> > an sbuilder and upstreams test suite runs fine for proftp (core). For
> > proftpd-mod-proxy package building works on sbuild.
> > 
> I've added the patch for CVE-2023-51713 to bookworm branch, this would be
> part of a potential 12u3 upload.
> 
> https://security-tracker.debian.org/tracker/CVE-2023-51713

Sounds good, thank you!

Regards,
Salvatore

> Hilmar
> -- 
> Testmail

Testmail back ;-)



More information about the Pkg-proftpd-maintainers mailing list