Bug#946559: buster-pu: package proftpd-dfsg/1.3.6-4+deb10u3
Control: tags -1 + confirmed
On Tue, 2019-12-10 at 23:48 +0100, Hilmar Preusse wrote:
> te attached debdiff fixes the issues
>
> #946345 proftpd-dfsg: CVE-2019-19269
> #946346 proftpd-dfsg: CVE-2019-19270
>
> ...for Debian buster. I built/installed the package an Debian stable
> and could login into the server and transfer file.
+proftpd-dfsg (1.3.6-4+deb10u3) buster-security; urgency=medium
No "-security" for p-u, please.
+ * Cherry pick patch from upstream:
+ - for upstream 861 (CVE-2019-19269) (Closes: #946345)
+ - for upstream 859 (CVE-2019-19270) (Closes: #946346)
+ upstream_pull_859_861_CVE-2019-19270_CVE-2019-19269
Please go ahead.
Regards,
Adam
Reply to: