Hi,
since I don't know if it's needed in ART psa-proftpd package I thought I just might ask.
A bugfix is out for this vulnerability:
When ProFTPd is compiled with mod_site_misc and when a directory is
writable, an attacker can use mod_site_misc to:
- create a directory located outside the writable directory
- delete a directory located outside the writable directory
- create a symlink located outside the writable directory
- change the time of a file located outside the writable directory
SOURCE:
http://bugs.proftpd.org/show_bug.cgi?id=3519
Thanks a lot.
bugfix for proftpd
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: bugfix for proftpd
Awesome, thanks for the heads up. Its very very appreciated, we try to stay on top of these things every day but sometimes we miss out in the daily flood. I'm really glad you caught this.
The update should be available in the [asl-2.0] repo shortly.
The update should be available in the [asl-2.0] repo shortly.
Re: bugfix for proftpd
Great. Thank you very much. I will pop up with that kind of stuff whenever I see it.