Errata overview
Errata ID 556
Date 2019-08-07
Source package proftpd-dfsg
Fixed in version 1.3.5b-4+deb9u1
This update addresses the following issues:
* An arbitrary file copy vulnerability in mod_copy in ProFTPD allows for
  remote code execution and information disclosure without authentication, a
  related issue to CVE-2015-3306. (CVE-2019-12815)
Additional notes
CVE ID CVE-2019-12815
UCS Bug number #49969