drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in ProFTPD
Name: |
Überschreiben von Dateien in ProFTPD |
|
ID: |
FEDORA-2017-6bfa33dd9d |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 24 |
|
Datum: |
Fr, 12. Mai 2017, 23:29 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418
https://bugzilla.redhat.com/show_bug.cgi?id=1443507 |
|
Applikationen: |
ProFTPD |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2017-6bfa33dd9d 2017-05-12 14:08:49.129907 ------------------------------------------------------------------------------- -
Name : proftpd Product : Fedora 24 Version : 1.3.5e Release : 2.fc24 URL : http://www.proftpd.org/ Summary : Flexible, stable and highly-configurable FTP server Description : ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility.
This package defaults to the standalone behavior of ProFTPD, but all the needed scripts to have it run by systemd instead are included.
------------------------------------------------------------------------------- - Update Information:
With the previous security update for CVE-2017-7418, setting `AllowChrootSymlinks off` could cause login failures depending on filesystem permissions. This fixed release uses the IDs of the logging-in user to perform the directory walk, looking for symlinks, to be more consistent with similar checks done during login. * http://bugs.proftpd.org/show_bug.cgi?id=4306 * https://bugzilla.redhat.com/show_bug.cgi?id=1443507 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1443507 - wrong uid used for accessing home directory : no login possible https://bugzilla.redhat.com/show_bug.cgi?id=1443507 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade proftpd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
|
|
|
|