I'm not sure if this actually qualifies as a security bug so I'm assigning to the security herd to make that judgement (and also because the package has no maintainer). More information on the issue can be found here: http://scarybeastsecurity.blogspot.com/2008/07/on-ftp-ssl-and-broken-interfaces.html http://forum.filezilla-project.org/viewtopic.php?f=2&t=7580 Thus, I'd very much appreciate it if vsftpd-2.0.7 were to be keyworded stable. Copying in the relevant arches to that effect.
This is not a security issue, as the worst impact is a client-side DoS. You can easily restart the transfer once it failed. The 2.0.7 ebuild is in the tree long enough, but there's still bug 234278 and bug 241720 that are confirmed on 2.0.7. Raul, you bumped the package the last few times. Any opinion?
Please do
ppc64 stable
ppc stable
sparc stable
amd64 stable
alpha/ia64/x86 stable
arm/s390/sh stable, closing