-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 07 Aug 2019 17:07:51 +0200 Source: proftpd-dfsg Binary: proftpd-basic proftpd-dev proftpd-doc proftpd-mod-mysql proftpd-mod-pgsql proftpd-mod-ldap proftpd-mod-odbc proftpd-mod-sqlite proftpd-mod-geoip Architecture: source amd64 all Version: 1.3.5e+r1.3.5-2+deb8u3 Distribution: jessie-security Urgency: high Maintainer: ProFTPD Maintainance Team <pkg-proftpd-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: proftpd-basic - Versatile, virtual-hosting FTP daemon - binaries proftpd-dev - Versatile, virtual-hosting FTP daemon - development files proftpd-doc - Versatile, virtual-hosting FTP daemon - documentation proftpd-mod-geoip - Versatile, virtual-hosting FTP daemon - GeoIP module proftpd-mod-ldap - Versatile, virtual-hosting FTP daemon - LDAP module proftpd-mod-mysql - Versatile, virtual-hosting FTP daemon - MySQL module proftpd-mod-odbc - Versatile, virtual-hosting FTP daemon - ODBC module proftpd-mod-pgsql - Versatile, virtual-hosting FTP daemon - PostgreSQL module proftpd-mod-sqlite - Versatile, virtual-hosting FTP daemon - SQLite3 module Changes: proftpd-dfsg (1.3.5e+r1.3.5-2+deb8u3) jessie-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2019-12815: Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands. Checksums-Sha1: a40860f8b49f6e804f5944395f1614177a2ca9f6 2985 proftpd-dfsg_1.3.5e+r1.3.5-2+deb8u3.dsc 7b38338c619775dfd3c321eeac586669692e883b 96960 proftpd-dfsg_1.3.5e+r1.3.5-2+deb8u3.debian.tar.xz b8c47e08ce83537619b555251a3ac58670429615 2460658 proftpd-basic_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 7079589d82ae552d9d7df805a41cae3d61be3118 961248 proftpd-dev_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 9e29f33ed2f608343e881e8b23e5680dabab3001 476608 proftpd-mod-mysql_1.3.5e+r1.3.5-2+deb8u3_amd64.deb cc86e4f629b35cf32ef480d3f07a3ddc36e68bde 476292 proftpd-mod-pgsql_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 51754cbf9ded6362937f5826292b31de7d9ad7a3 484454 proftpd-mod-ldap_1.3.5e+r1.3.5-2+deb8u3_amd64.deb ed0ba68f85a5c5f80bd5c8d5ce58017fdb002fd1 477588 proftpd-mod-odbc_1.3.5e+r1.3.5-2+deb8u3_amd64.deb ce48b74f7c116c4177ff8848bbc062b922caaa58 475684 proftpd-mod-sqlite_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 1f12806aac5a024e1dcdc9999791908fea0e8af2 477296 proftpd-mod-geoip_1.3.5e+r1.3.5-2+deb8u3_amd64.deb b2f0516dd150d9fa6557603a5877f308d399def2 948774 proftpd-doc_1.3.5e+r1.3.5-2+deb8u3_all.deb Checksums-Sha256: e083e8f0b11b825ad7ef089553521ac86bb7058e29e67fb5af01799d862b67f4 2985 proftpd-dfsg_1.3.5e+r1.3.5-2+deb8u3.dsc 58fd61b0c49656d2eb28d4633f8838563c9d18503c646d0db746baa78c3e0436 96960 proftpd-dfsg_1.3.5e+r1.3.5-2+deb8u3.debian.tar.xz 7e99cfabb154c963deb1c2d08f9b786228b9fa6d4a1cc530a0f91d929964f442 2460658 proftpd-basic_1.3.5e+r1.3.5-2+deb8u3_amd64.deb cd3066e51df9c144e898b25a451c6786d8511de5d0fc397e22cff48a519f310e 961248 proftpd-dev_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 704fa08812c478a581834228cb6e828e606d9fbdbd974aea6bde64fd275669d8 476608 proftpd-mod-mysql_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 92a1e51a75e5703e075aa93ad51f0c12337bf15d7efc34c99215ca560211b5df 476292 proftpd-mod-pgsql_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 59ce7b4e91b538f79d0cc46de1aa1ac686a09539767eb509f2344848ed8657f5 484454 proftpd-mod-ldap_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 5de7788890d6f65cf10c8baf6401bc170f0c4907b0d319a66d413aa5186eb628 477588 proftpd-mod-odbc_1.3.5e+r1.3.5-2+deb8u3_amd64.deb bfe968bb396c399c179ea8eeca56b19cef60abe0bbf7b3ea867a90c113de8ea0 475684 proftpd-mod-sqlite_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 631fdf954e01028d5f27c90dac720f9254691d5dd8dd2005a6e5d5986f73bed1 477296 proftpd-mod-geoip_1.3.5e+r1.3.5-2+deb8u3_amd64.deb ff86f7bd06a9daab389d7a8feea0b24af2953ea4c7d7ba0f49cee0f555f223e7 948774 proftpd-doc_1.3.5e+r1.3.5-2+deb8u3_all.deb Files: fef40e244115f23dbe6a2bb97e44a460 2985 net optional proftpd-dfsg_1.3.5e+r1.3.5-2+deb8u3.dsc e3cf82662ac1ad320176523f60ebc59c 96960 net optional proftpd-dfsg_1.3.5e+r1.3.5-2+deb8u3.debian.tar.xz 149f6954844f67b89f0a7f595ad8bbb5 2460658 net optional proftpd-basic_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 59d99d9156947be3b28b6b5dde84f556 961248 net optional proftpd-dev_1.3.5e+r1.3.5-2+deb8u3_amd64.deb c03d19783da28bde235579725224c118 476608 net optional proftpd-mod-mysql_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 7ffabb5954e1c0804e7a91582d10e655 476292 net optional proftpd-mod-pgsql_1.3.5e+r1.3.5-2+deb8u3_amd64.deb bd5eadabcf9ec91e6a09273c7815a43e 484454 net optional proftpd-mod-ldap_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 00234277d330bcc284bffa647b97a111 477588 net optional proftpd-mod-odbc_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 312cd6caa3a50d4b66320b0dc6bb01ca 475684 net optional proftpd-mod-sqlite_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 08e89ed770c3eec5c47eb4fe866aa73e 477296 net optional proftpd-mod-geoip_1.3.5e+r1.3.5-2+deb8u3_amd64.deb 91e1c4d3aa023ba8e047f0f6adfa430d 948774 doc optional proftpd-doc_1.3.5e+r1.3.5-2+deb8u3_all.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl1LKstfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkZHEP/0Vn9KiOXPmusRKL3gkNDk03DEG6JB/N9GUp 5+RD4k0e1xxLcK+K9DyACMIBRMOnB04m745WtI19p9x4REnJabxGIbtQdhpiazFv e8kp0+03Te66C5WQCdjHF4+84rjuzKeB/j3QEGQf4BllgDwG6IAVGzTTO1wwRuom DhU8+ie89tCMpkZ7/V7PiLzRROWbuO2i/DaHcKgzRLgkoCND/PT74bAuFRz//T3A EftmSuKMj+U0k5P/lQZUkk9/EKG7JJzJN3dx1x4IoulOcEFyk/a3tuAz77UV3xWI j+oym2izaSLYkwvfBDRp9QXIlFGvoQrqjBzm40izvxo8A56JJI7FeE8LOTOqVNxl sys8IttGu+Y1Vk8O7A2IVuyIytULxO096y8ttSflqXwNQ11i/60S8AFvACsxXmbq 9ADRIyeMHkFGK6Ccnjg5TW2ChVL7DhGydTqTl+0yxw+g7GGUT7xl/enlemag357g fdvrdTpedn149I1sHxj+W9DWtCvgSwJOdAmDdfoV8pEuDQPSpZui2o0dlEm96zzx RQdqGKWIm5xRmgEQ+5Yru6ClO+hbE4yBBPvKqVTFj65jnY47A6Z+IyIKAnuLlf1o PNTb9Vuw+VpqlAU5i5LDnxsE9lkikpF8DeglFMoxw5W3/P+0uO+dEnzkUPiURyc9 RW8daXNT =Dm3J -----END PGP SIGNATURE-----
