Security update for proftpd
This update for proftpd fixes the following issues:
proftpd was updated to 1.3.8b - released 19-Dec-2023
- CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity (boo#1218144)
- CVE-2023-51713: Fixed Out-of-bounds buffer read when handling FTP commands. (boo#1218344)
-
Submitted by
Christian Wittmer (computersalat)
Fixed bugs
bnc#1218344
VUL-0: CVE-2023-51713: proftpd: make_ftp_cmd in main.c has a one-byte out-of-bounds read, and daemon crash
bnc#1218144
VUL-0: CVE-2023-48795: proftpd: prefix truncation breaking ssh channel integrity
