Slackware: 2020-051-01: proftpd Security Update

    Date 20 Feb 2020
    561
    Posted By LinuxSecurity Advisories
    New proftpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    [slackware-security]  proftpd (SSA:2020-051-01)
    
    New proftpd packages are available for Slackware 14.0, 14.1, 14.2, and -current
    to fix a security issue.
    
    
    Here are the details from the Slackware 14.2 ChangeLog:
    +--------------------------+
    patches/packages/proftpd-1.3.6c-i586-1_slack14.2.txz:  Upgraded.
      No CVEs assigned, but this sure looks like a security issue:
      Use-after-free vulnerability in memory pools during data transfer.
      (* Security fix *)
    +--------------------------+
    
    
    Where to find the new packages:
    +-----------------------------+
    
    Thanks to the friendly folks at the OSU Open Source Lab
    (https://osuosl.org) for donating FTP and rsync hosting
    to the Slackware project!  :-)
    
    Also see the "Get Slack" section on https://slackware.com for
    additional mirror sites near you.
    
    Updated package for Slackware 14.0:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/proftpd-1.3.6c-i486-1_slack14.0.txz
    
    Updated package for Slackware x86_64 14.0:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/proftpd-1.3.6c-x86_64-1_slack14.0.txz
    
    Updated package for Slackware 14.1:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/proftpd-1.3.6c-i486-1_slack14.1.txz
    
    Updated package for Slackware x86_64 14.1:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/proftpd-1.3.6c-x86_64-1_slack14.1.txz
    
    Updated package for Slackware 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/proftpd-1.3.6c-i586-1_slack14.2.txz
    
    Updated package for Slackware x86_64 14.2:
    ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/proftpd-1.3.6c-x86_64-1_slack14.2.txz
    
    Updated package for Slackware -current:
    ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/proftpd-1.3.6c-i586-1.txz
    
    Updated package for Slackware x86_64 -current:
    ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/proftpd-1.3.6c-x86_64-1.txz
    
    
    MD5 signatures:
    +-------------+
    
    Slackware 14.0 package:
    ad130cbacf59ba92d23da0b8c6dd5c8e  proftpd-1.3.6c-i486-1_slack14.0.txz
    
    Slackware x86_64 14.0 package:
    e0e9d4bfd44229fc5cbb0d16decd62e1  proftpd-1.3.6c-x86_64-1_slack14.0.txz
    
    Slackware 14.1 package:
    8e3126f9af6dbbf817bd43e77ca9cc8d  proftpd-1.3.6c-i486-1_slack14.1.txz
    
    Slackware x86_64 14.1 package:
    ea71c0df4222e5b2046876aef3461acc  proftpd-1.3.6c-x86_64-1_slack14.1.txz
    
    Slackware 14.2 package:
    cff0f04f8d96e58c9315900ab27e770a  proftpd-1.3.6c-i586-1_slack14.2.txz
    
    Slackware x86_64 14.2 package:
    993452ec1b0c1a6785a09d0e960be20c  proftpd-1.3.6c-x86_64-1_slack14.2.txz
    
    Slackware -current package:
    8c5c8c09c9ce10219fd92ecf72f742cf  n/proftpd-1.3.6c-i586-1.txz
    
    Slackware x86_64 -current package:
    346f1b9c24259e9f61e1063a15bdbef1  n/proftpd-1.3.6c-x86_64-1.txz
    
    
    Installation instructions:
    +------------------------+
    
    Upgrade the package as root:
    # upgradepkg proftpd-1.3.6c-i586-1_slack14.2.txz
    
    
    +-----+
    

    LinuxSecurity Poll

    Are you considering making the switch to Purism's new Librem 14 Linux laptop to improve your security and privacy online?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/31-are-you-considering-making-the-switch-to-purism-s-new-librem-14-linux-laptop-to-improve-your-security-and-privacy-online?task=poll.vote&format=json
    31
    radio
    [{"id":"109","title":"Yes - the hardware kill switches and default ad blocking\/tracking protection sold me on it.","votes":"2","type":"x","order":"1","pct":40,"resources":[]},{"id":"110","title":"Not sure yet - I need to do more research.","votes":"2","type":"x","order":"2","pct":40,"resources":[]},{"id":"111","title":"No - I'm satisfied with my current laptop and have no security\/privacy concerns.","votes":"1","type":"x","order":"3","pct":20,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.