[Bug 237533] CVE-2007-2165: proftpd auth bypass vulnerability

15 Jun 2007


      Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2007-2165: proftpd auth bypass vulnerability
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=237533
matthias@rpmforge.net changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
------- Additional Comments From matthias@rpmforge.net  2007-06-15 11:41 EST -------
Still no backport of the patch to the stable 1.3.0a release. It's pretty
annoying, since the patch against the latest RC doesn't apply cleanly because of
variable name changes. I tried to backport it, but the risk in _me_ doing so is
just too high.
I really don't understand how/why projects decide to not provide security
patches for what they consider to be the current stable release... I'm going to
push new proftpd packages anyway, to fix bug #244168 but not this bug,
unfortunately :-(
-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Bug 237533] CVE-2007-2165: proftpd auth bypass vulnerability