Package "proftpd-dfsg"

Name:	proftpd-dfsg
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: Transitional dummy package for ProFTPD Versatile, virtual-hosting FTP daemon - binaries Versatile, virtual-hosting FTP daemon - development files Versatile, virtual-hosting FTP daemon - documentation
Latest version:	1.3.7c+dfsg-1ubuntu0.1
Release:	jammy (22.04)
Level:	security
Repository:	universe

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "proftpd-dfsg" in Jammy

Repository	Area	Version
base	universe	1.3.7c+dfsg-1build1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 1.3.7c+dfsg-1ubuntu0.1 2025-02-25 17:07:00 UTC

proftpd-dfsg (1.3.7c+dfsg-1ubuntu0.1) jammy-security; urgency=medium * SECURITY UPDATE: out of bound read causes daemon crash - d/p/CVE-2023-51713.patch: skip parsing quote backslash sequence - CVE-2023-51713 * SECURITY UPDATE: privilege escalation due to missing group checks - d/p/CVE-2024-48651.patch: only set group for daemon to primary gid - CVE-2024-48651 -- Sudhakar Verma <email address hidden> Wed, 05 Feb 2025 19:23:13 +0530

CVE-2023-51713	make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semant
CVE-2024-48651	In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups

About - Send Feedback to @ubuntu_updates

Package "proftpd-dfsg"

Links

Other versions of "proftpd-dfsg" in Jammy

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

updates

security

PPA updates