CVE-2020-9273 (https://nvd.nist.gov/vuln/detail/CVE-2020-9273): In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
Upstream patches: https://github.com/proftpd/proftpd/commit/d388f7904d4c9a6d0ea54237b8b54a57c19d8d49 (master) https://github.com/proftpd/proftpd/commit/e845abc1bd86eebec7a0342fded908a1b0f1996b (1.3.6.c)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bfa4622ef7d68e3fb14fc62e84d9ad549338373d commit bfa4622ef7d68e3fb14fc62e84d9ad549338373d Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2020-02-25 08:39:33 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2020-02-25 08:39:51 +0000 net-ftp/proftpd: bump up to 1.3.6c, bug #710730 Bug: https://bugs.gentoo.org/710730 Package-Manager: Portage-2.3.89, Repoman-2.3.20 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> net-ftp/proftpd/Manifest | 1 + net-ftp/proftpd/proftpd-1.3.6c.ebuild | 274 ++++++++++++++++++++++++++++++++++ 2 files changed, 275 insertions(+)
This also fixes CVE-2020-9272.
CVE-2020-9272 (https://nvd.nist.gov/vuln/detail/CVE-2020-9272): ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
Maintainer(s), please advise if you are ready for stabilization or call for stabilization yourself. proftpd-1.3.6c
sparc stable
This issue was resolved and addressed in GLSA 202003-35 at https://security.gentoo.org/glsa/202003-35 by GLSA coordinator Thomas Deutschmann (whissi).
Re-opening for remaining architectures.
amd64 stable
arm stable
ia64 stable
ppc stable
ppc64 stable
x86 stable
hppa stable
Thanks arches. @maintainer(s), ok to cleanup?
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=195ad646be2d92d29e5dbd218a7918d633b12b29 commit 195ad646be2d92d29e5dbd218a7918d633b12b29 Author: Sergei Trofimovich <slyfox@gentoo.org> AuthorDate: 2020-03-18 21:30:45 +0000 Commit: Sergei Trofimovich <slyfox@gentoo.org> CommitDate: 2020-03-18 21:30:52 +0000 net-ftp/proftpd: drop <net-ftp/proftpd-1.3.6c, bug #710730 Bug: https://bugs.gentoo.org/710730 Package-Manager: Portage-2.3.94, Repoman-2.3.21 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> net-ftp/proftpd/Manifest | 1 - net-ftp/proftpd/proftpd-1.3.6b-r1.ebuild | 275 ------------------------------- 2 files changed, 276 deletions(-)
Arches and Maintainer(s), Thank you for your work. Closing since GLSA was released
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
Unable to check for sanity: > no match for package: net-ftp/proftpd-1.3.6c