http://bugzilla.opensuse.org/show_bug.cgi?id=1142281 Alexandros Toptsoglou changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|VUL-1: CVE-2019-12815: |VUL-0: CVE-2019-12815: |proftpd: arbitrary file |proftpd: arbitrary file |copy in mod_copy allows |copy in mod_copy allows |for remote code execution |for remote code execution |and information disclosure |and information disclosure |without authentication |without authentication Severity|Normal |Major -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=1142281 http://bugzilla.opensuse.org/show_bug.cgi?id=1142281#c3 --- Comment #3 from Christian Wittmer --- backported patch from 1.3.6 branch for 1.3.5e taken from here: http://bugs.proftpd.org/show_bug.cgi?id=4372 refers to commit: https://github.com/proftpd/proftpd/commit/a73dbfe3b61459e7c2806d5162b12f0957... waiting for 1.3.6 Release update with patch included -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=1142281 http://bugzilla.opensuse.org/show_bug.cgi?id=1142281#c9 Alexandros Toptsoglou changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED Flags|needinfo?(atoptsoglou@suse. | |com) | --- Comment #9 from Alexandros Toptsoglou --- (In reply to Christian Wittmer from comment #8)

Hi Alexandros,

can we close this ???

Sure. Thanks for pointing out. -- You are receiving this mail because: You are on the CC list for the bug.