Home News Debian Security Advisory 1925 proftpd-dfsg – insufficient input validation

Debian Security Advisory 1925 proftpd-dfsg – insufficient input validation

October 30, 2009

Article Source Debian Security Advisories
October 30, 2009, 5:00 pm

It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon, does not properly handle a ‘’ character in a domain name in the Subject Alternative Name field of an X.509 client certificate, when the dNSNameRequired TLS option is enabled.

For the stable distribution (lenny), this problem has been fixed in version 1.3.1-17lenny4.

For the oldstable distribution (etch), this problem has been fixed in version 1.3.0-19etch3.

Binaries for the amd64 architecture will be released once they are available…

RELATED ARTICLESMORE FROM AUTHOR

Xen 4.19 is released

Advancing Xen on RISC-V: key updates

AI Produces Data-driven OpenFOAM Speedup (HPC Wire)

Delivering Prime Training Deals – 2 DAYS ONLY

Why You Need to Know About Event Modeling: —An Intro

RELATED ARTICLES MORE FROM AUTHOR