Opened 14 years ago

Closed 14 years ago

#27452 closed defect (fixed)

security: ProFTPD 1.3.3c

Reported by: mas@… Owned by: jenix@…
Priority: Normal Milestone:
Component: ports Version: 1.9.2
Keywords: Cc:
Port: proftpd

Description

On October 29, 2010 (sic!), an important security update (fixing an unauthenticated remote security vulnerability while handling telnet IAC control characters) was published as ProFTPD 1.3.3c. MacPorts still remains at the vulnerable version 1.3.2c. I consider this to be broken.

Attached is a patch to just update to 1.3.3c (not incorporating the other patches waiting for ProFTPD).

As per our rules, I am not directly committing this, as ProFTPD is not openmaintainer. I will, however, commit within two hours if nobody has any objections, as this is a security update that should really have been done long ago.

Attachments (1)

proftpd.patch (1.1 KB) - added by mas@… 14 years ago.

Download all attachments as: .zip

Change History (3)

Changed 14 years ago by mas@…

Attachment: proftpd.patch added

comment:1 Changed 14 years ago by mf2k (Frank Schima)

Cc: jenix@… mas@… removed
Keywords: security proftpd removed
Owner: changed from mas to jenix@…

The reporter is automatically Cc'ed. Trac requires full email addresses.

comment:2 Changed 14 years ago by mas@…

Resolution: fixed
Status: newclosed

fixed in r73801

Note: See TracTickets for help on using tickets.