Advisories » MGASA-2023-0356

Updated proftpd packages fix a security vulnerability

Publication date: 29 Dec 2023
Modification date: 29 Dec 2023
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-48795

Description

ProFTPd upstream has released version 1.3.8b to fix CVE-2023-48795.
From the changelog:
- Implemented mitigations for "Terrapin" SSH attack (CVE-2023-48795).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=32644
• https://github.com/proftpd/proftpd/blob/1.3.8/RELEASE_NOTES
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795

SRPMS

9/core

• proftpd-1.3.8b-1.mga9