Bug#285128: CAN-2004-1165: FTP command injection bug

To: 285128@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Bug#285128: CAN-2004-1165: FTP command injection bug
From: Adeodato Simó <asp16@alu.ua.es>
Date: Thu, 30 Dec 2004 15:16:26 +0100
Message-id: <[🔎] 20041230141625.GA13898@chistera.yi.org>
Reply-to: Adeodato Simó <asp16@alu.ua.es>, 285128@bugs.debian.org
In-reply-to: <[🔎] 20041210195151.GA13826@kitenet.net>
References: <[🔎] 20041210195151.GA13826@kitenet.net>

tag 285128 sarge sid
stop here

* Joey Hess [Fri, 10 Dec 2004 14:51:51 -0500]:

> The advisory says that it affects version >= 3.3.1, so perhaps our
> 3.2.3-1/2.3.3-1 in t-p-u/testing are not vulnerable. I've not checked.

  just for the record: yes, 3.2 is vulnerable. upstream released patches
  for both the 3.3.x and 3.2.x series.

-- 
Adeodato Simó
    EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
 
Old men are fond of giving good advice to console themselves for their
inability to set a bad example.
                -- La Rochefoucauld, "Maxims"

Reply to:

Follow-Ups:
- Processed: Re: CAN-2004-1165: FTP command injection bug
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

References:
- Bug#285128: CAN-2004-1165: FTP command injection bug
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Processed: Re: CAN-2004-1165: FTP command injection bug
Next by Date: kdenonbeta/icecream/icecream/debian
Previous by thread: Bug#285128: CAN-2004-1165: FTP command injection bug
Next by thread: Processed: Re: CAN-2004-1165: FTP command injection bug
Index(es):
- Date
- Thread