[ubuntu/jammy-security] proftpd-dfsg 1.3.7c+dfsg-1ubuntu0.1 (Accepted)
Sudhakar Verma
sudhakar.verma at canonical.com
Tue Feb 25 13:38:52 UTC 2025
proftpd-dfsg (1.3.7c+dfsg-1ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: out of bound read causes daemon crash
- d/p/CVE-2023-51713.patch: skip parsing quote backslash sequence
- CVE-2023-51713
* SECURITY UPDATE: privilege escalation due to missing group checks
- d/p/CVE-2024-48651.patch: only set group for daemon to primary gid
- CVE-2024-48651
Date: 2025-02-06 08:08:11.442166+00:00
Changed-By: Sudhakar Verma <sudhakar.verma at canonical.com>
https://launchpad.net/ubuntu/+source/proftpd-dfsg/1.3.7c+dfsg-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list