notfound 603511 1.3.1-17lenny4 found 603511 1.3.3a-4 fixed 603511 1.3.3a-5 close 603511 1.3.3a-5 thanks
Would you please read the changelog before submitting unuseful bugs? Thanks. On Sun, Nov 14, 2010 at 03:46:09PM -0500, Michael Gilbert wrote: > Package: proftpd-dfsg > Version: 1.3.1-17lenny4 > Severity: grave > Tags: security , patch > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for proftpd-dfsg. > > CVE-2010-4221[0]: > | Multiple stack-based buffer overflows in the pr_netio_telnet_gets > | function in netio.c in ProFTPD before 1.3.3c allow remote attackers to > | execute arbitrary code via vectors involving a TELNET IAC escape > | character to a (1) FTP or (2) FTPS server. > > Patch available: > http://bugs.proftpd.org/show_bug.cgi?id=3521 > > If you fix the vulnerability please also make sure to include the > CVE id in your changelog entry. > > For further information see: > > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4221 > http://security-tracker.debian.org/tracker/CVE-2010-4221 > -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
