Updated proftpd packages fix security vulnerability
Publication date: 06 Mar 2020Modification date: 06 Mar 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-9273
Description
Updated proftpd packages fix security vulnerability: Antonio Morales discovered an use-after-free flaw in the memory pool allocator in ProFTPD. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially the execution of arbitrary code (CVE-2020-9273).
References
SRPMS
7/core
- proftpd-1.3.5e-4.3.mga7