proftpd-basic 1.3.5a-1ubuntu0.1

Asked by Ryan Young on 2020-03-26

Hello,
I hope you can help me. Is the CVE-2019-12815 CVE vulnerability fixed in proftpd-basic-1.3.5a-1ubuntu0.1 package on Ubuntu 16.04.

Thanks so much,
Ryan

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu proftpd-dfsg Edit question
Assignee:
No assignee Edit question
Last query:
2020-03-26
Last reply:
2020-03-28
Manfred Hampl (m-hampl) said : #1

see https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12815.html

apparently not fixed (yet) in Ubuntu 16.04 and 18.04

There are even other vulnerabilities with CVE number that might be missing to be fixed, see https://people.canonical.com/~ubuntu-security/cve/pkg/proftpd-dfsg.html

Is there no scope to switch to SFTP? FTP is awful
https://mywiki.wooledge.org/FtpMustDie

Can you help with this problem?

Provide an answer of your own, or ask Ryan Young for more information if necessary.

To post a message you must log in.