On Mon, Dec 14, 2009 at 09:41:46PM +0100, Kurt Roeckx wrote:
On Mon, Dec 14, 2009 at 08:13:23PM +0100, Francesco P. Lovergine wrote:
On Mon, Dec 14, 2009 at 07:39:59PM +0100, Sune Vuorela wrote:
I am wondering, though, why proftpd ships its own copy of libltdl instead
of
using
On Dec 15, Francesco P. Lovergine fran...@debian.org wrote:
I'm not happy of having to run autotools at every build or maintaining
another ugly autoconf patch of such a kind.
It's not like you have a choice anyway, autoreconfiguration is mandatory
for packages which use libtool.
Look at the
On Sunday 13 December 2009 12:13:38 Francesco P. Lovergine wrote:
Package: proftpd-dfsg
Version: 1.3.0-1
As already communicated to secteam on friday, this issue does not
apply even with old versions, because external modules are taken from the
/usr/lib/proftpd directory only in mod_dso.c.
On Mon, Dec 14, 2009 at 07:39:59PM +0100, Sune Vuorela wrote:
I am wondering, though, why proftpd ships its own copy of libltdl instead of
using the system version, which would avoid this kind of bugs to be have to
be
fixed in proftpd at all.
This is completely another problem. Indeed
On Mon, Dec 14, 2009 at 08:13:23PM +0100, Francesco P. Lovergine wrote:
On Mon, Dec 14, 2009 at 07:39:59PM +0100, Sune Vuorela wrote:
I am wondering, though, why proftpd ships its own copy of libltdl instead
of
using the system version, which would avoid this kind of bugs to be have to
Package: proftpd-dfsg
Severity: grave
Tags: security
Hi,
The following CVE (Common Vulnerabilities Exposures) id was
published for libtool. I have determined that this package embeds a
vulnerable copy of the libtool source code. However, since this is a
mass bug filing (due to so many
6 matches
Mail list logo