oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE-2026-42167: SQL injection in ProFTPd prior to 1.3.9a

From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Fri, 1 May 2026 09:13:17 -0700
On 5/1/26 02:25, Valtteri Vuorikoski wrote:

The official site <https://www.proftpd.org> seems to be down at the moment so I
don't know if or how this has been officially announced.

It is listed in the NEWS filed for the 1.3.9a release on their github repo:
https://github.com/proftpd/proftpd/blob/1.3.9/NEWS

The bug report is also visible there:
https://github.com/proftpd/proftpd/issues/2052

--
        -Alan Coopersmith-                 alan.coopersmith () oracle com
         Oracle Solaris Engineering - https://blogs.oracle.com/solaris
Previous By Date Next
Previous By Thread Next

Current thread: