-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-5936 2013-04-18 01:30:46 --------------------------------------------------------------------------------
Name : proftpd Product : Fedora 18 Version : 1.3.4c Release : 2.fc18 URL : http://www.proftpd.org/ Summary : Flexible, stable and highly-configurable FTP server Description : ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This package defaults to the standalone behavior of ProFTPD, but all the needed scripts to have it run by xinetd instead are included. -------------------------------------------------------------------------------- Update Information: This update addresses a problem whereby proftpd was unable to restore root privileges prior to closing its PAM session, resulting in various error messages being logged by dbus/systemd. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 16 2013 Paul Howarth <[email protected]> 1.3.4c-2 - Make sure we can switch back to root before closing PAM sessions so that they're closed properly and don't pollute the system logs with dbus reject messages (#951728, upstream bug #3929) * Thu Mar 7 2013 Paul Howarth <[email protected]> 1.3.4c-1 - Update to 1.3.4c - Added Spanish translation - Fixed several mod_sftp issues, including SFTPPassPhraseProvider, handling of symlinks for REALPATH requests, and response code logging - Fixed symlink race for creating directories when UserOwner is in effect - Increased performance of FTP directory listings - Drop MySQL password patch, no longer needed - Drop upstreamed proftpd patch for CVE-2012-6095 - Update patch for bug 3744 to apply against updated proftpd code * Thu Feb 14 2013 Fedora Release Engineering <[email protected]> 1.3.4b-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Wed Jan 16 2013 Paul Howarth <[email protected]> 1.3.4b-5 - Update patch for CVE-2012-6095 to cover vroot cases * Mon Jan 7 2013 Paul Howarth <[email protected]> 1.3.4b-4 - Fix possible symlink race when applying UserOwner to newly created directory (CVE-2012-6095, #892715, http://bugs.proftpd.org/show_bug.cgi?id=3841) * Sat Sep 22 2012 Remi Collet <[email protected]> 1.3.4b-3 - Rebuild against libmemcached.so.11 without SASL -------------------------------------------------------------------------------- References: [ 1 ] Bug #951728 - proftpd tries to close PAM session while running as non-root user https://bugzilla.redhat.com/show_bug.cgi?id=951728 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update proftpd' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
