Information on source package pure-ftpd

Available versions

ReleaseVersion
jessie1.0.36-3.2+deb8u1
stretch1.0.43-3
buster1.0.47-3
bullseye1.0.49-4.1
bookworm1.0.50-2.1
trixie1.0.50-2.2
sid1.0.50-2.2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-48208vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerablepure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an ...
CVE-2021-40524vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism ...
CVE-2020-9365fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) re ...
CVE-2020-9274fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer ...
CVE-2019-20176vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedIn Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the li ...

Resolved issues

BugDescription
TEMP-0000000-00657Fpure-ftpd-mysql: any problems with a home dir will allow rw to the entire filesystem
CVE-2017-12170Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vuln ...
CVE-2011-1575The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 ...
CVE-2011-0988pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and S ...
CVE-2011-0418The glob implementation in Pure-FTPd before 1.0.32, and in libc in Net ...
CVE-2004-0656The accept_client function in PureFTPd 1.0.18 and earlier allows remot ...

Security announcements

DSA / DLADescription
DLA-2123-1pure-ftpd - security update

Search for package or bug name: Reporting problems