-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 3.0 (quilt) Source: proftpd-dfsg Binary: proftpd-basic, proftpd-dev, proftpd-doc, proftpd-mod-mysql, proftpd-mod-pgsql, proftpd-mod-ldap, proftpd-mod-odbc, proftpd-mod-sqlite, proftpd-mod-geoip Architecture: any all Version: 1.3.5-1.1+deb8u1 Maintainer: ProFTPD Maintainance Team <[email protected]> Uploaders: Francesco Paolo Lovergine <[email protected]> Homepage: http://www.proftpd.org/ Standards-Version: 3.9.4 Vcs-Browser: http://git.debian.org/?p=pkg-proftpd/proftpd-dfsg.git Vcs-Git: git://git.debian.org/pkg-proftpd/proftpd-dfsg.git Build-Depends: autotools-dev, debhelper (>= 7), libacl1-dev, libattr1-dev, libcap-dev [linux-any], libldap2-dev, libmysqlclient-dev, libncurses5-dev, libpam-dev, libpcre3-dev, libpq-dev, libsqlite3-dev, libssl-dev (>= 0.9.8l), libwrap0-dev, unixodbc-dev, zlib1g-dev, libgeoip-dev, libmemcached-dev (>= 0.41), hardening-includes Package-List: proftpd-basic deb net optional arch=any proftpd-dev deb net optional arch=any proftpd-doc deb doc optional arch=all proftpd-mod-geoip deb net optional arch=any proftpd-mod-ldap deb net optional arch=any proftpd-mod-mysql deb net optional arch=any proftpd-mod-odbc deb net optional arch=any proftpd-mod-pgsql deb net optional arch=any proftpd-mod-sqlite deb net optional arch=any Checksums-Sha1: 7eef9570efe6c82c47b76163162432b9ba37f81d 7432816 proftpd-dfsg_1.3.5.orig.tar.gz ce7c58c2501e981ec608d8dfc2ffdcfba73d5ad4 85580 proftpd-dfsg_1.3.5-1.1+deb8u1.debian.tar.xz Checksums-Sha256: 8ac3104658b9ce7cf308d9abc3d4b38168f0a7fdc25c1d88c565dedf319ba287 7432816 proftpd-dfsg_1.3.5.orig.tar.gz 85497046c6a27e24bf19b351286542c45e41456fa82a62c33f01fecda64ca1c6 85580 proftpd-dfsg_1.3.5-1.1+deb8u1.debian.tar.xz Files: dd7b56fbba49bd47dc1eb5344c6a7ef8 7432816 proftpd-dfsg_1.3.5.orig.tar.gz 03ce9da66719ea1acee54200562ce7f9 85580 proftpd-dfsg_1.3.5-1.1+deb8u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJVW48SAAoJEBC+iYPz1Z1kjlsH/RpqN7eB+saryRSLc6MDdKOm QcZhzRwCLmUbZYUlRRqNNl7TRtxYHg+iqLCqUkV0L671LdtyJKbqHqo7SNMR1x3T qYSAGmYNn5J7TpaRwpfw9FZo/M9z8KJHT3aASfqkFxCc/oeuNHbHzFhIksDlwwV9 RDxqR67QY0iw2yaE0md4EmjPw5Vr0MKrZJcHd3NQtceahUR8u+HDpKs9JRUErFpd WKj/1yGN2PdhePeSh25uDfXbzWhjJsKS81PLP6vOhftV81F0uSiIG3fEVa2Ph/YR GLwlqlroVa+rZXjJqMNqDJE8OaUynTgxmCZC02ETZwDgHApF/fFUcRLMj6b5p6w= =XLhK -----END PGP SIGNATURE----- Changes: proftpd-dfsg (1.3.5-1.1+deb8u1) jessie-security; urgency=high * Non-maintainer upload by the Security Team * Fix CVE-2015-3306: unauthenticated copying of files via SITE CPFR/CPTO allowed by mod_copy (Closes: #782781) -- Sebastien Delafond <[email protected]> Tue, 19 May 2015 12:53:10 +0200