Hi, This GLSA set =proftpd-1.2* too but i think just 1.3 is vulnerable. Best regards, ************* srv160 ~ # glsa-check -t 200611-26 This system is affected by the following GLSAs: 200611-26 srv160 ~ # equery l proftpd [ Searching for package 'proftpd' in all categories among: ] * installed packages [I--] [ ] net-ftp/proftpd-1.2.10-r7 (0)
According to all three CVE ids, versions prior to 1.3 is affected. Do you have any references saying otherwise?
Apparently not. Suggest INVALID.