-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 07 Sep 2011 20:39:59 +0000 Source: vsftpd Binary: vsftpd Architecture: source amd64 Version: 2.3.2-3+squeeze2 Distribution: stable-security Urgency: high Maintainer: Daniel Baumann Changed-By: Nico Golde Description: vsftpd - lightweight, efficient FTP server written for security Closes: 622741 Changes: vsftpd (2.3.2-3+squeeze2) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * Disable network isolation due to a problem with cleaning up network namespaces fast enough in kernels < 2.6.35 (CVE-2011-2189). Thanks Ben Hutchings for the patch! * Fix possible DoS via globa expressions in STAT commands by limiting the matching loop (CVE-2011-0762; Closes: #622741). Checksums-Sha1: 7234c9761cbc32be34ce79278dddb7138538db9b 1328 vsftpd_2.3.2-3+squeeze2.dsc d525974514ecf61cbbf9cb51066aa68d5a52033b 187229 vsftpd_2.3.2.orig.tar.gz 9a9a24aca0c4bf7863d0ae4bd95d1337bfb30b9d 25312 vsftpd_2.3.2-3+squeeze2.diff.gz f732447cd5ffe8a0e3c2bc1687f455448b51ca53 148166 vsftpd_2.3.2-3+squeeze2_amd64.deb Checksums-Sha256: 83b3537ae8c5e4137fd2636b8282d0f5e0b9cd17848e09435b3a103aa930d654 1328 vsftpd_2.3.2-3+squeeze2.dsc a4e04836d8e271f361030e6a679ad001046c3e37f59e9fee5114189f9e065336 187229 vsftpd_2.3.2.orig.tar.gz 21c48a68b73926bfa28925db8472d811da77032f115b8961c195481387316586 25312 vsftpd_2.3.2-3+squeeze2.diff.gz e839fc8cd741b76572f90b7c363932daef6fb6bc26fefad497046328b912ba30 148166 vsftpd_2.3.2-3+squeeze2_amd64.deb Files: 080129573f1482cb2530cbd4e0f78175 1328 net extra vsftpd_2.3.2-3+squeeze2.dsc bad7b117d737a738738836041edc00db 187229 net extra vsftpd_2.3.2.orig.tar.gz 3a9eee70c852d49d91102220ce258071 25312 net extra vsftpd_2.3.2-3+squeeze2.diff.gz f0e8e5fc8471b574e9bc7a6927db691b 148166 net extra vsftpd_2.3.2-3+squeeze2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk52fU0ACgkQHYflSXNkfP9xagCgpJMl8AiwDetNf+TKOPYElRNM ZHEAoIB4QO8aqpOdUTjnaJplWKwlgtai =UkSH -----END PGP SIGNATURE-----