TJ aka castaglia, finally fixed the bug in http://bugs.proftpd.org/show_bug.cgi?id=2622 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308313
Currently (1.2.10-13) the only workaround for that is disabling the mod_delay module. This of course potentially impacts prevention of the timing attack that module solves. http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 I'm inclined to consider that bug a RC (security) one, so if you RMs would allow the incoming fixed -14 release entering sarge before release, that would be great and allow me (poor maintainer) to sleep as a child in the next years... -- Francesco P. Lovergine -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
