Updates to address ProFTPd vulnerability

Posted by: mstauber Category: General

A critical vulnerability has been found in ProFTPd (CVE-2019-12815) and updates to address it have been released.

Today we learned that all older versions of ProFTPd are affected by a critical vulnerability, which had received the identifier CVE-2019-12815.

To address these issues we released YUM updates today to provide the latest ProFTPd-1.3.7-RC1 for all BlueOnyx versions.

All BlueOnyx users are urged to perform a "yum clean all" and a "yum update" to make sure that they are fully up to date.

The updates for BlueOnyx 5209R, 5208R and 5207R bring an updated ProFTPd, base-ftp-* and Swatch aboard. As several configurational directives in proftpd.conf have been deprecated ("IdentLookups" and "LoginPasswordPrompt") it is necessary to write out new ProFTPd configuration files. During the YUM update base-ftp-* and Swatch will take care of that for you.

As BlueOnyx 5107R and 5108R (the ones with the old GUI) have been hibernating without anything but the most critical security updates for the last 3-4 years we also decided to retire them effective immediately. A final YUM update was released, which will automatically YUM update them to BlueOnyx 5207R and 5208R respectively.

Jul 23, 2019 Category: General Posted by: mstauber
Previous page: Development Next page: Mailing List