Changelog for
proftpd-debuginfo-1.3.4b-19.1.i586.rpm :
Fri Nov 2 13:00:00 2012 chrisAATTcomputersalat.de
- fix for bnc#787884
(https://bugzilla.novell.com/show_bug.cgi?id=787884)
* added extra Source proftpd.conf.tmpfile
Thu Aug 30 14:00:00 2012 crrodriguezAATTopensuse.org
- Disable ident lookups, this protocol is totally obsolete
and dangerous. (add --disable-ident)
- Fix debug info generation ( add --disable-strip)
Wed Aug 29 14:00:00 2012 crrodriguezAATTopensuse.org
- Add systemd unit
Tue Aug 14 14:00:00 2012 chrisAATTcomputersalat.de
- update to 1.3.4b
+ Fixed mod_ldap segfault on login when LDAPUsers with no filters used.
+ Fixed sporadic SFTP upload issues for large files.
+ Fixed SSH2 handling for some clients (e.g. OpenVMS).
+ New FactsOptions directive; see doc/modules/mod_facts.html#FactsOptions
+ Fixed build errors on Tru64, AIX, Cygwin.
- add Source Signatuire (.asc) file
- add noBuildDate patch
- add lang pkg
* --enable-nls
- add configure option
* --enable-openssl, --with-lastlog
Mon Dec 12 13:00:00 2011 chrisAATTcomputersalat.de
- update to 1.3.4a
+ Fixed mod_load/mod_wrap2 build issues.
- 1.3.4
+ New \"NoEmptyFragments\" TLSOption added; see the TLSOptions documentation
for details.
+ Improved configure script for cross-compiling.
+ Reworked the proftpd.spec RPM file
+ Fixed mod_sql_mysql \"Alarm clock\" bug on FreeBSD.
+ New \"IgnoreSFTPSetTimes\" SFTPOption added; see the SFTPOptions
documentation for details.
+ Fixed response pool use-after-free issue.
- for more info please see the RELEASE_NOTES file
- reworked patches
* now p0 patches
Fri Nov 18 13:00:00 2011 chrisAATTcomputersalat.de
- fix for bnc#731347
* no (hostname -s) in post section
* reworked basic conf patch
Fri Nov 11 13:00:00 2011 chrisAATTcomputersalat.de
- fix changelog
* RELEASE_NOTES-1.3.3g is lacking of important info
- fix for CVE-2011-4130 (bnc#729830)
* https://bugzilla.novell.com/show_bug.cgi?id=729830
(upstream) http://bugs.proftpd.org/show_bug.cgi?id=3711
=> fixed with version 1.3.3g
Thu Nov 10 13:00:00 2011 chrisAATTcomputersalat.de
- update to 1.3.3g
(http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3g)
+ New \"NoEmptyFragments\" TLSOption added; see the TLSOptions documentation
for details.
+ Fixed mod_sql_mysql \"Alarm clock\" bug on FreeBSD.
(http://www.proftpd.org/docs/NEWS-1.3.3g)
- Bug 3702 - ProFTPD with mod_sql_mysql dies of \"Alarm clock\" on FreeBSD.
- Bug 3704 - Enable OpenSSL countermeasure against SSLv3/TLSv1 BEAST attacks.
To disable this countermeasure, which may cause interoperability issues
with some clients, use the NoEmptyFragments TLSOption.
- Bug 3711 - Response pool use-after-free memory corruption error.
Tue Oct 4 14:00:00 2011 chrisAATTcomputersalat.de
- update to 1.3.3f
+ Fixes segfault if mod_sql_mysql and \"SQLAuthenticate groupsetfast\"
configuration used.
+ Fixes mod_wrap syslog level (regression from Bug#3317).
+ Fixes mod_ifsession segfault if regular expression patterns used in
a
section.
Fri Apr 29 14:00:00 2011 chrisAATTcomputersalat.de
- push to Factory
o fix changelog (not in sequence)
o fix license (GPL -> GPLv2+)
o remove Author from description
o remove obsolete extra source proftpd.conf
Fri Apr 8 14:00:00 2011 chrisAATTcomputersalat.de
- update to 1.3.3e
+ Display messages work properly again.
+ Fixes plaintext command injection vulnerability in FTPS implementation
(i.e. mod_tls). See http://bugs.proftpd.org/show_bug.cgi?id=3624 for
details.
+ Fixes CVE-2011-1137 (badly formed SSH messages cause DoS). See
http://bugs.proftpd.org/show_bug.cgi?id=3586 for details.
+ Performance improvements, especially during server startup/restarts.
Sun Jan 30 13:00:00 2011 chrisAATTcomputersalat.de
- update to 1.3.3d
+ Fixed sql_prepare_where() buffer overflow (Bug#3536)
+ Fixed CPU spike when handling .ftpaccess files.
+ Fixed handling of SFTP uploads when compression is used.
Fri Oct 22 14:00:00 2010 msebenAATTgmail.com
- update to 1.3.3c
+ Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
+ Fixed directory traversal bug in mod_site_misc
+ Fixed SQLite authentications using \"SQLAuthType Backend\"
Fri Oct 22 14:00:00 2010 chrisAATTcomputersalat.de
- clenaup spec
- fix doc pkg
o should not provide pkgconfig
Fri Oct 15 14:00:00 2010 chrisAATTcomputersalat.de
- update to 1.3.3b
+ Fixed SFTP directory listing bug
+ Avoid corrupting utmpx databases on FreeBSD
+ Avoid null pointer dereferences during data transfers
+ Fixed \"AuthAliasOnly on\" anonymous logins
- rpmlint: no-pkg-config-provides
o add BuildReq pkg-config
- removed changes from spec
Wed Jul 7 14:00:00 2010 chrisAATTcomputersalat.de
- update to 1.3.3a
+ Added Japanese translation
+ Many mod_sftp bugfixes
+ Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later
+ Fixed handling of utmp/utmpx format changes on FreeBSD
- rpmlint: self-obsoletion
Wed May 5 14:00:00 2010 msebenAATTnovell.com
- fix build : dir-or-file-in-var-run badness : /var/run/proftpd dir
is marked as ghost and it is created in init script now
Fri Apr 9 14:00:00 2010 msebenAATTnovell.com
- added ncurses-devel to buildrequires to fix ftptop message : \"no
curses or ncurses library on this system\"
Fri Feb 26 13:00:00 2010 chrisAATTcomputersalat.de
- added info for \"STABLE\" versions only
Thu Feb 25 13:00:00 2010 chrisAATTcomputersalat.de
- update to 1.3.3
o Fixed mod_ban whitelisting using mod_ifsession.
o Fixed per-user/group/class \"HideFiles none\" configurations.
- 1.3.3rc4
o Fixed mod_tls compilation using OpenSSL installations older
than 0.9.7.
o Fixed mod_sftp compilation on AIX.
o Fixed RADIUS authentication on 64-bit platforms
o Fixed memory leak in SCP downloads.
o New configuration directives
SQLPasswordUserSalt
The SQLPasswordUserSalt directive can be used to configure
per-user salt data to be added to the encrypted password
for a user. The salt can be the user name, or it can be
the result of a SQL query. More information can be found in
doc/contrib/mod_sql_passwd.html#SQLPasswordUserSalt.
Wed Feb 10 13:00:00 2010 diego.ercolaniAATTgmail.com
- update to 1.3.3rc3
- try to be compatible with osc :-)
Sun Dec 20 13:00:00 2009 chrisAATTcomputersalat.de
- update to 1.3.2c
o Bug and regression fixes.
- removed obsolete CVE patch
Mon Oct 26 13:00:00 2009 msebenAATTnovell.com
- fixed CVE-2009-3639 : mod_tls security issue (bnc#549740)
Wed Sep 16 14:00:00 2009 alexandreAATTexatati.com.br
- Update tarball to its upstream version without
bzipped patch;
- Removed blank spaces at enf of lines on spec file;
- Replaced tab characters on spec file.
Wed Sep 16 14:00:00 2009 chrisAATTcomputersalat.de
- update to 1.3.2 (1.3.2a)
o many bugfixes, read ChangeLog or NEWS
o include 1.3.2a upstream patch
o removed old patches
* proftpd-1.3.1-umode_t.patch
* proftpd-1.3.1-O_CREAT.patch
* proftpd-1.3.1-libcap.patch
* proftpd-1.3.1-CVE-2009-0542.patch
* proftpd-1.3.1-CVE-2009-0543.patch
o reworked basic.conf.patch
- spec mods
o removed ^#-----
o removed {rel}
o clean
* rm -rf RPM_BUILD_ROOT
o added sub sqlite
- fixed deps
o BuildRequires: sqlite3-devel unixODBC-devel
- rpmlint
o description-shorter-than-summary
o source-or-patch-not-bzipped proftpd-1.3.2a.patch
Tue Jul 7 14:00:00 2009 chrisAATTcomputersalat.de
- added proftpd.passwd
o it is an initial passwd for virtuser and
anonymous login works well with it :)
Mon Jul 6 14:00:00 2009 chrisAATTcomputersalat.de
- added ftpasswd.patch
- rework of basic.conf patch
- removed README.AIX
Wed Apr 15 14:00:00 2009 chrisAATTcomputersalat.de
- added basic.conf patch
- added dist.patch
o fix for xinetd, logrotate, pam
- some more subpackages
o ldap, mysql, pgsql, radius
- added ftpasswd for simple virtuser support
- added auth DIR /etc/proftpd/auth
o passwd for virtuser
- added conf.d DIR /etc/proftpd/conf.d
o configs for inclusion
- added log DIR /var/log/proftpd
- beautify init file
- beautify spec file
Wed Feb 18 13:00:00 2009 msebenAATTsuse.cz
- added proftpd.conf with uploads section
Fri Feb 13 13:00:00 2009 msebenAATTsuse.cz
- fixed sql injection vulnerability which allows remote attackers
to execute arbitrary SQL commands via a \"%\" character
CVE-2009-0542.patch (bnc#475316)
- fixed vulnerability which allows remote attackers to bypass SQL
injection protection mechanisms via invalid, encoded multibyte
characters CVE-2009-0543.patch (bnc#475316)
Mon Jan 26 13:00:00 2009 msebenAATTsuse.cz
- splitted HTML doc to proftpd-doc
- added %post and %postun macro to spec
Thu Jan 22 13:00:00 2009 msebenAATTsuse.cz
- fixed missing third argument in open function (
*-O_CREAT.patch)
- disabled striping libraries (
*-no_strip.patch)
- fixed configure script (
*-umode_t.patch)
- added -DLDAP_DEPRECATED to CFLAGS because of deprecated ldap_init
function
- disabled contrib scripts for now
- fixed handling _LINUX_CAPABILITY_VERSION on newer linux kernel.
(proftpd-
*-libcap.patch)
Wed Aug 20 14:00:00 2008 mrueckertAATTsuse.de
- disabled debugging stuff for now
Fri Oct 19 14:00:00 2007 mrueckertAATTsuse.de
- enabled missing modules (mod_ban,mod_wrap2
*,mod_quota_radius)
and replaced the hardcoded value for --with-shared with a
dynamically generated list
Sat Oct 6 14:00:00 2007 mrueckertAATTsuse.de
- update to 1.3.1:
Many bugfixes and new features like dynamic blacklisting of
clients, improved SQL handling, and quotas.
- added --enable-devel=coredump,nodaemon,nofork
- added devel subpackage for the headers
Wed Nov 29 13:00:00 2006 mrueckertAATTsuse.de
- update to 1.3.0a:
fixes a remote code execution. CVE-2006-5815
(http://bugs.proftpd.org/show_bug.cgi?id=2858)