Nom du paquet
pure-ftpd
Date
2011-03-17
Advisory ID
MDVSA-2011:046
Affected versions
2009.0 x86_64 , MES5 i586 , 2010.0 x86_64 , 2010.1 i586 , 2010.0 i586 , 2009.0 i586 , CS4.0 i586 , CS4.0 x86_64 , MES5 x86_64 , 2010.1 x86_64

Problem description

A security flaw was discovered in pure-ftpd which allows plaintext
command injection over TLS (similar to CVE-2011-0411).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Updated packages

2009.0 x86_64

 9fbbd20ce659012dcef2ea534b3e065c  2009.0/x86_64/pure-ftpd-1.0.21-8.1mdv2009.0.x86_64.rpm
 d953ece1911ad4f744b5fe5f704c2e9e  2009.0/x86_64/pure-ftpd-anon-upload-1.0.21-8.1mdv2009.0.x86_64.rpm
 fd131923aa12607939a33ab0d5a47690  2009.0/x86_64/pure-ftpd-anonymous-1.0.21-8.1mdv2009.0.x86_64.rpm 
 32f302505171f7d7801acec8e0aac0ab  2009.0/SRPMS/pure-ftpd-1.0.21-8.1mdv2009.0.src.rpm

MES5 i586

 3e3694e0220ab4cfc55b3d0614443d5d  mes5/i586/pure-ftpd-1.0.21-8.1mdvmes5.2.i586.rpm
 c281cdd9b6ab44f956802cbd9d327e36  mes5/i586/pure-ftpd-anon-upload-1.0.21-8.1mdvmes5.2.i586.rpm
 ab25c5522a053fddf570a7af29f79db7  mes5/i586/pure-ftpd-anonymous-1.0.21-8.1mdvmes5.2.i586.rpm 
 71436d40f9fe4780edc71f326a71324c  mes5/SRPMS/pure-ftpd-1.0.21-8.1mdvmes5.2.src.rpm

2010.0 x86_64

 897957ada6eadf9e87bae3e26ff442fe  2010.0/x86_64/pure-ftpd-1.0.22-1.1mdv2010.0.x86_64.rpm
 add9ece828990b566192691992e43cc6  2010.0/x86_64/pure-ftpd-anon-upload-1.0.22-1.1mdv2010.0.x86_64.rpm
 6c82671449daf5c7b9d6e40c4c33939b  2010.0/x86_64/pure-ftpd-anonymous-1.0.22-1.1mdv2010.0.x86_64.rpm 
 5370b6f3148695cae7d37dd7a79c4158  2010.0/SRPMS/pure-ftpd-1.0.22-1.1mdv2010.0.src.rpm

2010.1 i586

 441c80d9c965274c99d34fce9a4bb6ca  2010.1/i586/pure-ftpd-1.0.29-2.1mdv2010.2.i586.rpm
 f73c5b101a3100fa5ccf7be95cb820c1  2010.1/i586/pure-ftpd-anon-upload-1.0.29-2.1mdv2010.2.i586.rpm
 1bf7c0076615559f213f9e90aabe1ee3  2010.1/i586/pure-ftpd-anonymous-1.0.29-2.1mdv2010.2.i586.rpm 
 77f0d44baa44e8abc0a5393154d1e347  2010.1/SRPMS/pure-ftpd-1.0.29-2.1mdv2010.2.src.rpm

2010.0 i586

 580032400f3f536b90509404bfa5ff50  2010.0/i586/pure-ftpd-1.0.22-1.1mdv2010.0.i586.rpm
 05fe3428a8378f9c7e8282d9e62c9fdf  2010.0/i586/pure-ftpd-anon-upload-1.0.22-1.1mdv2010.0.i586.rpm
 8e63f703e071bf7f819b98cb96eeab1d  2010.0/i586/pure-ftpd-anonymous-1.0.22-1.1mdv2010.0.i586.rpm 
 5370b6f3148695cae7d37dd7a79c4158  2010.0/SRPMS/pure-ftpd-1.0.22-1.1mdv2010.0.src.rpm

2009.0 i586

 ed4ae86475a00faaadbda5683ee496f5  2009.0/i586/pure-ftpd-1.0.21-8.1mdv2009.0.i586.rpm
 0dea42dbd5958a0a4a4e8a47d020062a  2009.0/i586/pure-ftpd-anon-upload-1.0.21-8.1mdv2009.0.i586.rpm
 3f3c60fbe60ffa16a542ae78868042c1  2009.0/i586/pure-ftpd-anonymous-1.0.21-8.1mdv2009.0.i586.rpm 
 32f302505171f7d7801acec8e0aac0ab  2009.0/SRPMS/pure-ftpd-1.0.21-8.1mdv2009.0.src.rpm

CS4.0 i586

 2054ec719cbd8c9be8ad7e9bc654f79e  corporate/4.0/i586/pure-ftpd-1.0.20-7.1.20060mlcs4.i586.rpm
 2614d3560204ffb498f6c49453442d05  corporate/4.0/i586/pure-ftpd-anon-upload-1.0.20-7.1.20060mlcs4.i586.rpm
 1fb356298d6a5c4b50b6822e8dde3e0b  corporate/4.0/i586/pure-ftpd-anonymous-1.0.20-7.1.20060mlcs4.i586.rpm 
 63859bd845934e2d382fd2406a1fd9f7  corporate/4.0/SRPMS/pure-ftpd-1.0.20-7.1.20060mlcs4.src.rpm

CS4.0 x86_64

 b4d4edc6889d96135330b98057bf5396  corporate/4.0/x86_64/pure-ftpd-1.0.20-7.1.20060mlcs4.x86_64.rpm
 99ffba7cc4e729a617ca45a10baa9125  corporate/4.0/x86_64/pure-ftpd-anon-upload-1.0.20-7.1.20060mlcs4.x86_64.rpm
 b84684dfd4166dcf6def917014355b76  corporate/4.0/x86_64/pure-ftpd-anonymous-1.0.20-7.1.20060mlcs4.x86_64.rpm 
 63859bd845934e2d382fd2406a1fd9f7  corporate/4.0/SRPMS/pure-ftpd-1.0.20-7.1.20060mlcs4.src.rpm

MES5 x86_64

 dd4fbf6ccb18a342b91b2bdc07048fd9  mes5/x86_64/pure-ftpd-1.0.21-8.1mdvmes5.2.x86_64.rpm
 70a0f49eaca5fd8f7a80967810fbfb7d  mes5/x86_64/pure-ftpd-anon-upload-1.0.21-8.1mdvmes5.2.x86_64.rpm
 7e6c3b99218158806d3c747f781a449b  mes5/x86_64/pure-ftpd-anonymous-1.0.21-8.1mdvmes5.2.x86_64.rpm 
 71436d40f9fe4780edc71f326a71324c  mes5/SRPMS/pure-ftpd-1.0.21-8.1mdvmes5.2.src.rpm

2010.1 x86_64

 7f83617195a06fe87d4fe91f78256ea8  2010.1/x86_64/pure-ftpd-1.0.29-2.1mdv2010.2.x86_64.rpm
 d0428e106e4c4233a266b62b1208f63e  2010.1/x86_64/pure-ftpd-anon-upload-1.0.29-2.1mdv2010.2.x86_64.rpm
 04a2e708f8334b33fda7975f72c9afd0  2010.1/x86_64/pure-ftpd-anonymous-1.0.29-2.1mdv2010.2.x86_64.rpm 
 77f0d44baa44e8abc0a5393154d1e347  2010.1/SRPMS/pure-ftpd-1.0.29-2.1mdv2010.2.src.rpm

References