-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 25 Sep 2006 12:04:40 +0200 Source: linux-ftpd Binary: ftpd Architecture: source i386 Version: 0.17-20sarge2 Distribution: stable-security Urgency: high Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org> Changed-By: Alberto Gonzalez Iniesta <agi@inittab.org> Description: ftpd - FTP server Closes: 384454 Changes: linux-ftpd (0.17-20sarge2) stable-security; urgency=high . * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) Files: 371222af9e3f445d8b1a0622f3a70382 610 net extra linux-ftpd_0.17-20sarge2.dsc f5f491564812db5d8783daa538c49186 46763 net extra linux-ftpd_0.17.orig.tar.gz 3848d3d15b78aa4dd17b0e09c64b15a8 16034 net extra linux-ftpd_0.17-20sarge2.diff.gz 10ce0c8367e83b1ce1419b244753dcc0 43310 net extra ftpd_0.17-20sarge2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFFVO4wXm3vHE4uyloRAplsAKDPdPZw/VrKq5KXLEt2Pg9xMZ9z7ACgyF0O g0W1srpyhg4eyyTRnyTEHRk= =2E1u -----END PGP SIGNATURE----- Accepted: ftpd_0.17-20sarge2_i386.deb to pool/main/l/linux-ftpd/ftpd_0.17-20sarge2_i386.deb linux-ftpd_0.17-20sarge2.diff.gz to pool/main/l/linux-ftpd/linux-ftpd_0.17-20sarge2.diff.gz linux-ftpd_0.17-20sarge2.dsc to pool/main/l/linux-ftpd/linux-ftpd_0.17-20sarge2.dsc