Thank god I didn't upgrade to edgy on my server yet... ;o) /Jacob
Frodon wrote: > Public bug reported: > > Binary package hint: proftpd > > The proftpd package provided in edgy (v. 1.3.0) isn't compiled with the > mod_tls.c module enabled. > This could be a big issue for those who run edgy eft and need TLS encryption > for their ftp server because without this encryption passwords and usernames > are transmited in plain text. > Since this module was enabled in dapper some users may not have noticed that > this module is no more enabled and thus make their FTP server vulnerable. > > Here is the list of the modules enabled in the edgy package : > mod_core.c > mod_xfer.c > mod_auth_unix.c > mod_auth_file.c > mod_auth.c > mod_ls.c > mod_log.c > mod_site.c > mod_delay.c > mod_dso.c > mod_auth_pam.c > mod_readme.c > mod_cap.c > mod_ctrls.c > > It may be a good idea to make this module enabled in the package > provided by the official edgy repository because for a professional > server install it doesn't make sense to run a FTP server without > encryption. > > ** Affects: proftpd (Ubuntu) > Importance: Undecided > Status: Unconfirmed > > -- Module mod-tls.c is missing in the proftpd edgy package https://launchpad.net/bugs/68735 -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
