Package: proftpd-basic Version: 1.3.6-4+deb10u3 Severity: important Tags: upstream
This is to track CVE-2020-9273. I'm not 100% sure if jessie is affected too. At least the CVE does not report it. Hilmar -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 5.4.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages proftpd-basic depends on: ii adduser 3.118 ii debianutils 4.9.1 ii libacl1 2.2.53-5 ii libc6 2.29-10 ii libcap2 1:2.32-1 ii libcrypt1 1:4.4.10-10 ii libhiredis0.14 0.14.0-6 ii libmemcached11 1.0.18-4.2 ii libmemcachedutil2 1.0.18-4.2 ii libncursesw6 6.1+20191019-1 ii libpam-runtime 1.3.1-5 ii libpam0g 1.3.1-5 ii libpcre3 2:8.39-12+b1 ii libssl1.1 1.1.1d-2 ii libtinfo6 6.1+20191019-1 ii libwrap0 7.6.q-30 ii lsb-base 11.1.0 ii netbase 6.1 ii sed 4.7-1 ii ucf 3.0038+nmu1 ii zlib1g 1:1.2.11.dfsg-1.2 Versions of packages proftpd-basic recommends: pn proftpd-doc <none> Versions of packages proftpd-basic suggests: ii openbsd-inetd [inet-superserver] 0.20160825-4+b1 ii openssl 1.1.1d-2 pn proftpd-mod-geoip <none> pn proftpd-mod-ldap <none> pn proftpd-mod-mysql <none> pn proftpd-mod-odbc <none> pn proftpd-mod-pgsql <none> pn proftpd-mod-snmp <none> pn proftpd-mod-sqlite <none> -- debconf information: * shared/proftpd/inetd_or_standalone: from inetd
