projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 282fc60) | patch
package/proftpd: security bump to version 1.3.6e
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Fri, 27 Nov 2020 20:11:28 +0000 (21:11 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Sat, 28 Nov 2020 08:24:09 +0000 (09:24 +0100)
commit7ba4aa92981107462e23c4a7d2b1ef291743fe81
treedd569d8e49e08c68691c76ee9100859dd57d9a11tree
parent282fc60ed4bbf30f0c74fe0434053b472eca356bcommit | diff
package/proftpd: security bump to version 1.3.6e

1.3.6e
---------
  + Fixed null pointer deference in mod_sftp when using SCP incorrectly
    (Issue #1043).

1.3.6d
---------
  + Fixed issue with FTPS uploads of large files using TLSv1.3 (Issue #959).

1.3.6c
---------
  + Fixed regression in directory listing latency (Issue #863).
  + Detect OpenSSH-specific formatted SFTPHostKeys, and log hint for
    converting them to supported format.
  + Fixed use-after-free vulnerability during data transfers (Issue #903)
    [CVE-2020-9273]
  + Fixed out-of-bounds read in mod_cap by updating the bundled libcap
    (Issue #902) [CVE-2020-9272]

http://proftpd.org/docs/RELEASE_NOTES-1.3.6e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: mark as security bump, add CVEs]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/proftpd/proftpd.hash diff | blob | history
package/proftpd/proftpd.mk diff | blob | history