Sicherheit: Überschreiben von Dateien in ProFTPD (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Überschreiben von Dateien in ProFTPD (Aktualisierung)
ID: FEDORA-2017-162b95c5fd
Distribution: Fedora
Plattformen: Fedora 25
Datum: Mo, 15. Mai 2017, 07:29
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418
Applikationen: ProFTPD
Update von: Überschreiben von Dateien in ProFTPD


Fedora Update Notification
2017-05-14 20:16:02.223863

Name : proftpd
Product : Fedora 25
Version : 1.3.5e
Release : 2.fc25
URL : http://www.proftpd.org/
Summary : Flexible, stable and highly-configurable FTP server
Description :
ProFTPD is an enhanced FTP server with a focus toward simplicity, security,
and ease of configuration. It features a very Apache-like configuration
syntax, and a highly customizable server infrastructure, including support for
multiple 'virtual' FTP servers, anonymous FTP, and permission-based

This package defaults to the standalone behavior of ProFTPD, but all the
needed scripts to have it run by systemd instead are included.

Update Information:

With the previous security update for CVE-2017-7418, setting
`AllowChrootSymlinks off` could cause login failures depending on filesystem
permissions. This fixed release uses the IDs of the logging-in user to perform
the directory walk, looking for symlinks, to be more consistent with similar
checks done during login. * http://bugs.proftpd.org/show_bug.cgi?id=4306 *

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade proftpd' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Unterstützer werden
Neue Nachrichten