[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2020:0031-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":94,"epss":9,"epss_history":95,"metrics":96,"affected":97},"OPENSUSE-SU-2020:0031-1","Security update for proftpd\n\nThis update for proftpd fixes the following issues:\n\n* GeoIP has been discontinued by MaxMind (boo#1156210)\n  This update removes module build for geoip\n    see https://support.maxmind.com/geolite-legacy-discontinuation-notice/\n\n- CVE-2019-19269: Fixed a NULL pointer dereference that may occur when validating the certificate of a client connecting to the server (boo#1157803)\n- CVE-2019-19270: Fixed a failure to check for the appropriate field of a CRL entry, which prevents some valid CRLs from being taken into account (boo#1157798)\n- CVE-2019-18217: Fixed remote unauthenticated denial-of-service due to incorrect handling of overly long commands (boo#1154600 gh#846)\n\nUpdate to 1.3.6b\n\n* Fixed pre-authentication remote denial-of-service issue (Issue #846).\n* Backported fix for building mod_sql_mysql using MySQL 8 (Issue #824).\n\nUpdate to 1.3.6a:\n\n* Fixed symlink navigation (Bug#4332).\n* Fixed building of mod_sftp using OpenSSL 1.1.x releases (Issue#674).\n* Fixed SITE COPY honoring of \u003CLimit> restrictions (Bug#4372).\n* Fixed segfault on login when using mod_sftp + mod_sftp_pam (Issue#656).\n* Fixed restarts when using mod_facl as a static module\n* Add missing Requires(pre): group(ftp) for Leap 15 and Tumbleweed (boo#1155834)\n* Add missing Requires(pre): user(ftp) for Leap 15 and Tumbleweed (boo#1155834)\n* Use pam_keyinit.so (boo#1144056)\n\n- Reduce hard dependency on systemd to only that which is\n  necessary for building 
and installation.\n\nUpdate to 1.3.6:\n\n* Support for using Redis for caching, logging; see the doc/howto/Redis.html\n  documentation.\n* Fixed mod_sql_postgres SSL support (Issue #415).\n* Support building against LibreSSL instead of OpenSSL (Issue #361).\n* Better support on AIX for login restrictions (Bug #4285).\n* TimeoutLogin (and other timeouts) were not working properly for SFTP\n  connections (Bug#4299).\n* Handling of the SIGILL and SIGINT signals, by the daemon process, now causes\n  the child processes to be terminated as well (Issue #461).\n* RPM .spec file naming changed to conform to Fedora guidelines.\n* Fix for 'AllowChrootSymlinks off' checking each component for symlinks (CVE-2017-7418).\n\nNew Modules:\n\n* mod_redis, mod_tls_redis, mod_wrap2_redis\n    With Redis now supported as a caching mechanism, similar to Memcache,\n    there are now Redis-using modules: mod_redis (for configuring the Redis\n    connection information), mod_tls_redis (for caching SSL sessions and\n    OCSP information using Redis), and mod_wrap2_redis (for using ACLs stored\n    in Redis).\n\nChanged Modules:\n\n* mod_ban:\n      The mod_ban module's BanCache directive can now use Redis-based caching;\n      see doc/contrib/mod_ban.html#BanCache.\n\nNew Configuration Directives\n\n* SQLPasswordArgon2, SQLPasswordScrypt\n\n      The key lengths for Argon2 and Scrypt-based passwords are now configurable\n      via these new directives; previously, the key length had been hardcoded\n      to be 32 bytes, which is not interoperable with all other implementations\n      (Issue #454).\n\nChanged Configuration Directives\n\n* AllowChrootSymlinks\n    When 'AllowChrootSymlinks off' was used, only the last portion of the\n    DefaultRoot path would be checked to see if it was a symlink.  
Now,\n    each component of the DefaultRoot path will be checked to see if it is\n    a symlink when 'AllowChrootSymlinks off' is used.\n* Include\n    The Include directive can now be used within a \u003CLimit> section, e.g.:\n      \u003CLimit LOGIN>\n          Include /path/to/allowed.txt\n          DenyAll\n        \u003C/Limit>\nAPI Changes\n  * A new JSON API has been added, for use by third-party modules. \n\n",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2017-7418",{"_key":17},"CVE-2019-12815",{"_key":19},"CVE-2019-18217",{"_key":21},"CVE-2019-19269",{"_key":23},"CVE-2019-19270",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2020-01-13T15:20:23Z","2026-02-04T03:19:18.079575Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,44,49,53,57,61,65,69,73,78,82,86,90],{"url":38,"sources":39,"tags":42},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YQAELVZ2VM7ZCMMAPQ4KYBJ6KWLXIVC2/",[40,41],"osv_suse","osv_opensuse",[43],"Advisory",{"url":45,"sources":46,"tags":47},"https://bugzilla.suse.com/1113041",[40,41],[48],"REPORT",{"url":50,"sources":51,"tags":52},"https://bugzilla.suse.com/1144056",[40,41],[48],{"url":54,"sources":55,"tags":56},"https://bugzilla.suse.com/1154600",[40,41],[48],{"url":58,"sources":59,"tags":60},"https://bugzilla.suse.com/1155834",[40,41],[48],{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/1156210",[40,41],[48],{"url":66,"sources":67,"tags":68},"https://bugzilla.suse.com/1157798",[40,41],[48],{"url":70,"sources":71,"tags":72},"https://bugzilla.suse.com/1157803",[40,41],[48],{"url":74,"sources":75,"tags":76},"https://www.suse.com/security/cve/CVE-2017-7418",[40,41],[77],"WEB",{"url":79,"sources":80,"tags":81},"https://www.suse.com/security/cve/CVE-2019-12815",[40,41],[77],{"url":83,"sources":84,"t
ags":85},"https://www.suse.com/security/cve/CVE-2019-18217",[40,41],[77],{"url":87,"sources":88,"tags":89},"https://www.suse.com/security/cve/CVE-2019-19269",[40,41],[77],{"url":91,"sources":92,"tags":93},"https://www.suse.com/security/cve/CVE-2019-19270",[40,41],[77],[],[],[],[98,111,117],{"ecosystem":99,"name":100,"vendor":101,"product":102,"cpe_part":9,"purl_type":103,"purl_namespace":101,"purl_name":102,"source":9,"versions":104},"openSUSE","proftpd","opensuse","proftpd&distro=openSUSE Leap 15.1","rpm",[105],{"version":106,"is_range":107,"range_type":108,"version_start":9,"version_start_type":9,"version_end":109,"version_end_type":110,"fixed_in":9},"lt1_3_6b_bp151_4_6_2",true,"ecosystem","1.3.6b-bp151.4.6.2","excluding",{"ecosystem":112,"name":100,"vendor":113,"product":114,"cpe_part":9,"purl_type":103,"purl_namespace":113,"purl_name":114,"source":9,"versions":115},"SUSE Linux Enterprise","suse","proftpd&distro=SUSE Package Hub 15",[116],{"version":106,"is_range":107,"range_type":108,"version_start":9,"version_start_type":9,"version_end":109,"version_end_type":110,"fixed_in":9},{"ecosystem":112,"name":100,"vendor":113,"product":118,"cpe_part":9,"purl_type":103,"purl_namespace":113,"purl_name":118,"source":9,"versions":119},"proftpd&distro=SUSE Package Hub 15 SP1",[120],{"version":106,"is_range":107,"range_type":108,"version_start":9,"version_start_type":9,"version_end":109,"version_end_type":110,"fixed_in":9}]