proftpd: ignore CVE-2021-47865 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2026-02-07 11:33:49 +0100
committer	Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-02-12 13:38:12 +0530
commit	d691a39655c535e4a47c8ad0afe6f8c57f65ef5a (patch)
tree	3f34ac2a11d7633db02c11bba236a507b3fb80b3 /meta-python/recipes-devtools/python/python3-rapidjson
parent	a56aafa0a6d839dceeb889faba1250fab033810e (diff)
download	meta-openembedded-d691a39655c535e4a47c8ad0afe6f8c57f65ef5a.tar.gz

proftpd: ignore CVE-2021-47865

Details: https://nvd.nist.gov/vuln/detail/CVE-2021-47865 This CVE was opened based on a 5 years old Github issue[1], and has been made public recently. The CVE wasn't officially disputed (yet?), but based on the description and the given PoC the application is working as expected. The vulnerability description and the PoC basically configures proftpd to accept maximum x connections, and then when the user tries to open x + 1 concurrent connections, it refuses new connections over the configured limit. See also discussion in the Github issue. It seems that it won't be fixed, because there is nothing to fix. [1]: https://github.com/proftpd/proftpd/issues/1298 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-rapidjson')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: