[MacPorts] #27452: security: ProFTPD 1.3.3c
MacPorts
noreply at macports.org
Thu Nov 25 09:34:34 PST 2010
#27452: security: ProFTPD 1.3.3c
------------------------------+---------------------------------------------
Reporter: mas@… | Owner: mas
Type: defect | Status: new
Priority: Normal | Milestone:
Component: ports | Version: 1.9.2
Keywords: security proftpd | Port: proftpd
------------------------------+---------------------------------------------
On October 29, 2010 (sic!), an important security update (fixing an
unauthenticated remote security vulnerability while handling telnet IAC
control characters) was published as ProFTPD 1.3.3c. MacPorts still
remains at the vulnerable version 1.3.2c. I consider this to be broken.
Attached is a patch to just update to 1.3.3c (not incorporating the other
patches waiting for ProFTPD).
As per our rules, I am not directly committing this, as ProFTPD is not
openmaintainer. I will, however, commit within two hours if nobody has
any objections, as this is a security update that should really have been
done long ago.
--
Ticket URL: <https://trac.macports.org/ticket/27452>
MacPorts <http://www.macports.org/>
Ports system for Mac OS
More information about the macports-tickets
mailing list