Accepted proftpd-dfsg 1.3.8+dfsg-4+deb12u3 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted proftpd-dfsg 1.3.8+dfsg-4+deb12u3 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 20 Jan 2024 16:47:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_source.changes
- Debian-source: proftpd-dfsg
- Debian-suite: proposed-updates
- Debian-version: 1.3.8+dfsg-4+deb12u3
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=g4hd5NU/xuJPkOSYExTHg2p37ZozPsMHxRrzWgT2zTA=; b=UZXcecvsb6VMSNAb2b4TX3EVEe XBt58FrQK6yUD2+19fY7riKNoFkuQaN6YHLKIierCbT3tINC63Jm9S5MJi5FyW98G4U/3Q6kKrzCy xMgEqvkE3ToLNtMPU7+EJ5YOL9MDzpg6+n7Rvt3D8tMMASez8PZT5s0uvOInJopzAwggIyWtA3VHG Vr5vqoZxJdyqqi6XFUcwXVO/WGCrfx/XweJ06DF7Aagg+C4DAtLvcxPilM22T6N/SpLeDasHRMgme zTjUpqn3GTsorZ9uc6hLOSv3SP8G27ok1QNprJxz88d2w7Xthkg/RdgGv97+40iJUoeZtEgcIoMdS zMl4OocQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1rREV6-00EEu7-Uz@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 09 Jan 2024 21:52:35 +0000
Source: proftpd-dfsg
Architecture: source
Version: 1.3.8+dfsg-4+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: ProFTPD Maintainance Team <pkg-proftpd-maintainers@alioth-lists.debian.net>
Changed-By: Hilmar Preusse <hille42@web.de>
Changes:
proftpd-dfsg (1.3.8+dfsg-4+deb12u3) bookworm; urgency=medium
.
* Add patch for Terrapin attack (CVE-2023-48795).
* make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte
out-of-bounds read, and daemon crash, because of mishandling of
quote/backslash semantics (CVE-2023-51713).
Checksums-Sha1:
d7c9b2fbfbe5ec2a569c570c4b7d6ce9340c6656 3433 proftpd-dfsg_1.3.8+dfsg-4+deb12u3.dsc
a0ef445d6d058717abd55747ec858574438430ca 86684 proftpd-dfsg_1.3.8+dfsg-4+deb12u3.debian.tar.xz
c5c3f7d718840382aacaaaad7b4e665cf7f8e16d 6089 proftpd-dfsg_1.3.8+dfsg-4+deb12u3_source.buildinfo
Checksums-Sha256:
092d38197a242578ea863963a0a6367faf29739efa80fcce0b40b416a1a95d00 3433 proftpd-dfsg_1.3.8+dfsg-4+deb12u3.dsc
5d37ce8fbd00c7480d6dbff1fba4859a483698b58e4a81a99108de539a323a14 86684 proftpd-dfsg_1.3.8+dfsg-4+deb12u3.debian.tar.xz
ff4a43a6874ba7ac51bb1463c4bd0ec823129d70ccaa1d17c53f9018ae694786 6089 proftpd-dfsg_1.3.8+dfsg-4+deb12u3_source.buildinfo
Files:
3c657bb26b9a2f749d6f24c1a240b4fc 3433 net optional proftpd-dfsg_1.3.8+dfsg-4+deb12u3.dsc
49eef686d09dd3e4fa1b2bf0e446274d 86684 net optional proftpd-dfsg_1.3.8+dfsg-4+deb12u3.debian.tar.xz
e7a517950fa463347c318cd115dffa10 6089 net optional proftpd-dfsg_1.3.8+dfsg-4+deb12u3_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEaXGmC/nkbIhxf16kxiZYRqvgLIsFAmWdwNNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDY5
NzFBNjBCRjlFNDZDODg3MTdGNUVBNEM2MjY1ODQ2QUJFMDJDOEIACgkQxiZYRqvg
LIuSCQ//fLqVTvEsFyZBkHNUgRH7UHJ+6MRFw60siDH5UfNGr5deDI09KebNhX83
ZzkNV8m6qJqrAgyqJ8nAGPsfB6R70G2cuQHze+e2D7rMiZdoo0nVnMU80O72j/Kw
bJoHQRbr3P89pa9kWtabOPPU8o4cpCDoJM4jJXK8lmwXd4TJOJBOQmkNlCiN0ecf
HD3jel5/kwor9ElVBQ6kj3CHFGlmkOVe3gYqCcy0ewNp4U/Avci7B7kPKuowiO8a
nriZ7gx2rPwKpiuq9vzf94D5C1uLxvLugSbi9/q5fIubSjLY3VWKMMGmEk03ML/X
plbaeJKyMS5gxH+QdHFPEHSfYif/i9ACu+PA2Ud5RY8YTleFLmTPX+9HouPxoLCT
S+oCwQx/y8dFMyxeKmJwbsNtuzyLydMu5kbMgcjhSOw9ak3zFm0WEVH+ZP65sjE+
G/q/d3Ei7/0G0ozLmD7AOdUtJgZf9mD1L40lLLw+g9WgPD7GWzBOqlytAqRztmGC
rEGEP7j3mLI0ZroflLlYigMROacCzI9AHGb9v+snOtzFjygLlv2aXSvwJeSP4ggk
OIuIkqhuFeTXlaT85EaIWeI8G/zZjaCETeUnPUbgHL84NfXfgV69tlo6b8I4g0ga
1HffPihe3OTWZrIIUBxNcJ2J3DlB9BxThGC4SvtW/aEHIojZqgs=
=2qpc
-----END PGP SIGNATURE-----