Opened 13 years ago
Closed 13 years ago
#27452 closed defect (fixed)
security: ProFTPD 1.3.3c
| Reported by: | mas@… | Owned by: | jenix@… |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | 1.9.2 |
| Keywords: | Cc: | ||
| Port: | proftpd |
Description
On October 29, 2010 (sic!), an important security update (fixing an unauthenticated remote security vulnerability while handling telnet IAC control characters) was published as ProFTPD 1.3.3c. MacPorts still remains at the vulnerable version 1.3.2c. I consider this to be broken.
Attached is a patch to just update to 1.3.3c (not incorporating the other patches waiting for ProFTPD).
As per our rules, I am not directly committing this, as ProFTPD is not openmaintainer. I will, however, commit within two hours if nobody has any objections, as this is a security update that should really have been done long ago.
Attachments (1)
Change History (3)
Changed 13 years ago by mas@…
| Attachment: | proftpd.patch added |
|---|
comment:1 Changed 13 years ago by mf2k (Frank Schima)
| Cc: | jenix@… mas@… removed |
|---|---|
| Keywords: | security proftpd removed |
| Owner: | changed from mas to jenix@… |
Note: See
TracTickets for help on using
tickets.
The reporter is automatically Cc'ed. Trac requires full email addresses.