-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-2567 2010-02-23 04:07:32 --------------------------------------------------------------------------------
Name : proftpd Product : Fedora 11 Version : 1.3.2d Release : 1.fc11 URL : http://www.proftpd.org/ Summary : Flexible, stable and highly-configurable FTP server Description : ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This package defaults to the standalone behaviour of ProFTPD, but all the needed scripts to have it run by xinetd instead are included. -------------------------------------------------------------------------------- Update Information: This update to the latest maintenance release fixes a number of bugs recorded in the proftpd bug tracker: * Lack of PID protection in ScoreboardFile (bug 3370) * Crash when retrying a failed login with mod_radius being used (bug 3372) * RADIUS authentication broken on 64-bit platforms (bug 3381) * SIGHUP eventually causes certain DSO modules to segfault (bug 3387) -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 15 2010 Paul Howarth <[email protected]> 1.3.2d-1 - Update to 1.3.2d, addressing the following issues: - mod_tls doesn't compile with pre-0.9.7 openssl (bug 3358) - Lack of PID protection in ScoreboardFile (bug 3370) - Crash when retrying a failed login with mod_radius being used (bug 3372) - RADIUS authentication broken on 64-bit platforms (bug 3381) - SIGHUP eventually causes certain DSO modules to segfault (bug 3387) * Thu Dec 10 2009 Paul Howarth <[email protected]> 1.3.2c-1 - Update to 1.3.2c, addressing the following issues: - SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324) - Failed database transaction can cause mod_quotatab to loop (bug 3228) - Segfault in mod_wrap (bug 3332) - <Directory> sections can have <Limit> problems (bug 3337) - mod_wrap2 segfaults when a valid user retries the USER command (bug 3341) - mod_auth_file handles 'getgroups' request incorrectly (bug 3347) - Segfault caused by scrubbing zero-length portion of memory (bug 3350) - Drop upstreamed segfault patch * Thu Dec 10 2009 Paul Howarth <[email protected]> 1.3.2b-3 - Add patch for upstream bug 3350 - segfault on auth failures * Wed Dec 9 2009 Paul Howarth <[email protected]> 1.3.2b-2 - Reduce the mod_facts patch to the single commit addressing the issue with directory names with glob characters (#521634), avoiding introducing a further problem with <Limit> (#544002) * Wed Oct 21 2009 Paul Howarth <[email protected]> 1.3.2b-1 - Update to 1.3.2b - Fixed regression causing command-line define options not to work (bug 3221) - Fixed SSL/TLS cert subjectAltName verification (bug 3275, CVE-2009-3639) - Use correct cached user values with "SQLNegativeCache on" (bug 3282) - Fix slower transfers of multiple small files (bug 3284) - Support MaxTransfersPerHost, MaxTransfersPerUser properly (bug 3287) - Handle symlinks to directories with trailing slashes properly (bug 3297) - Drop upstreamed defines patch (bug 3221) * Thu Sep 17 2009 Paul Howarth <[email protected]> 1.3.2a-7 - Restore backward SRPM compatibility broken by previous change * Wed Sep 16 2009 Tomas Mraz <[email protected]> 1.3.2a-6 - Use password-auth common PAM configuration instead of system-auth * Mon Sep 7 2009 Paul Howarth <[email protected]> 1.3.2a-5 - Add upstream patch for MLSD with dirnames containing glob chars (#521634) * Wed Sep 2 2009 Paul Howarth <[email protected]> 1.3.2a-4 - New DSO module: mod_exec (#520214) * Fri Aug 21 2009 Tomas Mraz <[email protected]> 1.3.2a-3.1 - Rebuilt with new openssl * Wed Aug 19 2009 Paul Howarth <[email protected]> 1.3.2a-3 - Use mod_vroot to work around PAM/chroot issues (#477120, #506735) * Fri Jul 31 2009 Paul Howarth <[email protected]> 1.3.2a-2 - Add upstream patch to fix parallel build (http://bugs.proftpd.org/3189) * Mon Jul 27 2009 Paul Howarth <[email protected]> 1.3.2a-1 - Update to 1.3.2a - Add patch to reinstate support for -DPARAMETER (http://bugs.proftpd.org/3221) - Retain CAP_AUDIT_WRITE, needed for pam_loginuid (#506735, fixed upstream) - Remove ScoreboardFile directive from configuration file - default value works better with SELinux (#498375) - Ship mod_quotatab_sql.so in the main package rather than the SQL backend subpackages - New DSO modules: - mod_ctrls_admin - mod_facl - mod_load - mod_quotatab_radius - mod_radius - mod_ratio - mod_rewrite - mod_site_misc - mod_wrap2 - mod_wrap2_file - mod_wrap2_sql - Enable mod_lang/nls support for RFC 2640 (and buildreq gettext) - Add /etc/sysconfig/proftpd to set PROFTPD_OPTIONS and update initscript to use this value so we can use a define to enable (e.g.) anonymous FTP support rather than having a huge commented-out section in the config file - Rewrite config file to remove most settings that don't change upstream defaults, and add brief descriptions for all available loadable modules - Move Umask and IdentLookups settings from server config to <Global> context so that they apply to all servers, including virtual hosts (#509251) - Ensure mod_ifsession is always the last one specified, which makes sure that mod_ifsession's changes are seen properly by other modules - Drop pam version requirement - all targets have sufficiently recent version - Drop redundant explicit dependency on pam - Subpackages don't need to own %{_libexecdir}/proftpd directory - Drop redundant krb5-devel buildreq - Make SRPM back-compatible with EPEL-4 (TLS cert dirs, PAM config) - Don't include README files for non-Linux platforms - Recode ChangeLog as UTF-8 - Don't ship the prxs tool for building custom DSO's since we don't ship the headers either - Prevent stripping of binaries in a slightly more robust way - Fix release tag to be ready for future beta/rc versions - Define RPM macros in global scope - BuildRequire libcap-devel so that we use the system library rather than the bundled one, and eliminate log messages like: kernel: warning: `proftpd' uses 32-bit capabilities (legacy support in use) * Sun Jul 26 2009 Fedora Release Engineering <[email protected]> 1.3.2-3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update proftpd' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
