FEDORA-EPEL-2017-f057518fbd created by pghmcfc 2 years ago for Fedora EPEL 7
stable

Current upstream maintenance release for the 1.3.5 series.

Includes fix for CVE-2017-7418, where not all path elements were checked for symlinks when using a chroot, so attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.

This update has been submitted for testing by pghmcfc.

2 years ago

This update has obsoleted proftpd-1.3.5e-1.el7, and has inherited its bugs and notes.

2 years ago

pghmcfc edited this update.

2 years ago

This update has been pushed to testing.

2 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for stable by pghmcfc.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
3
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1439693 CVE-2017-7418 proftpd: AllowChrootSymlinks control bypass
0
0
BZ#1439696 CVE-2017-7418 proftpd: AllowChrootSymlinks control bypass [epel-all]
0
0

Automated Test Results