Updated proftpd packages fix security vulnerabilitiesPublication date: 07 Nov 2019
Affected Mageia releases : 7
CVE: CVE-2019-12815 , CVE-2019-12817
Updated proftpd package fixes security vulnerabilities: It was discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands (CVE-2019-12815). It was discovered that due to incorrect handling of overly long commands, a remote unauthenticated user could trigger a denial-of-service by reaching an endless loop (CVE-2019-18217).