Debian Security Advisory: New proftpd packages for m68k availableMar 06, 2001, 05:56 (0 Talkback[s])
(Other stories by Martin Schulze)
Date: Tue, 6 Mar 2001 03:14:53 +0100
Debian Security Advisory DSA-029-2 firstname.lastname@example.org http://www.debian.org/security/ Martin Schulze March 6, 2001
Package : proftpd Vulnerability : remote DOS & potential buffer overflow Debian-specific: noIn Debian Security Advisory DSA 029-1 we have reported several vulnerabilities in proftpd that have been fixed. For details please read the main advisory. This upload fixes:
1. A memory leak which can result in a denial of service, as reported by Wojciech Purczynski. The default configuration of proftpd in Debian is not vulnerable.
2. A similar memory leak affects the USER command, also as reported by Wojciech Purczynski.
3. Format string vulnerabilities reported by Przemyslaw Frasunek.
The most recent advisory covering proftpd missed one architecture that was released with Debian GNU/Linux 2.2. Therefore this advisory is only an addition to DSA 029-1 and only adds the relevant package for the Motorola 680x0 architecture.
We recommend you upgrade your sudo packages for m68k immediately.
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 2.2 alias potato
Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures.
Motorola 680x0 architecture:
For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
For apt-get: deb http://security.debian.org/