Ubuntu
pure-ftpd package

  1. Bug #1381840
  2. Comment #6

Comment 6 for bug 1381840

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pure-ftpd - 1.0.36-1.1ubuntu0.1

---------------
pure-ftpd (1.0.36-1.1ubuntu0.1) trusty-security; urgency=low

  * SECURITY-UPDATE: SSLv3 is enabled by default allowing the POODLE
    attack (LP: #1381840)
    - debian/pure-ftpd-wrapper: enable loading of TLSCipherSuite parameter
    - debian/etc/TLSCipherSuite: disable SSLv3
    - CVE-2014-3566

 -- Joshua Zeitlinger <email address hidden> Sat, 28 May 2016 19:50:18 -0400