SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for pure-ftpd-debugsource-1.0.36-42.17.i586.rpm :
Wed Jan 23 13:00:00 2013 mvyskocilAATTsuse.com
- fix bnc#789833: pure-ftpd login failes

* pure-ftpd-1.0.36-cap-audit-control.patch
- remove oes related patches have never used at openSUSE

* pure-ftpd-1.0.20-oes_remote_server.patch

* pure-ftpd-1.0.22-oes-bugfix-534424.patch
- change old PreReq to Requires(pre)
- add version to pureftpd symbol

Thu Nov 29 13:00:00 2012 sbrabecAATTsuse.cz
- Verify GPG signature.

Wed Aug 29 14:00:00 2012 mvyskocilAATTsuse.cz
- add gpg signature file for easier verification

Wed Aug 29 14:00:00 2012 crrodriguezAATTopensuse.org
- systemd: Do not fork in the background

Fri Apr 20 14:00:00 2012 highwaystar.ruAATTgmail.com
- spec file: fixed pure-ftpd.service file installation

Tue Apr 10 14:00:00 2012 mvyskocilAATTsuse.cz
- update to 1.0.36 :
- Sync built-in glob(3) code with OpenBSD-current, and remove code we
don\'t use instead of ifdef\'ing it.
- Repair checkproc() on Linux when support for capabitilies is
compiled in. Reported by Eric Gouyer.
- Don\'t read /dev/
*random every time we need a value. Just use
arc4random() everywhere and seed it before we possibly chroot().
- Add support for MFMT, with the same code as SITE UTIME.
- Support 2-arguments SITE UTIME.
- LDAP: Add LDAPDefaultHomeDirectory, suggested by Landry Breuil.
- Add SSL_OP_NO_SSLv3 to SSL options if the list of ciphers is
prefixed by -S: , needed by Brad.
- Use more paranoid compiler options whenever possible, and preliminary
uncluttering of the autoconf script.
- Try to cache locale-related data at startup after tzset(), rather
than during a session.
- Fix quota computation after rename() overwrites an existing file.
Reported by Hiramoto Koujo, thanks!
- Improved autoconf detection of -fstack-protector and -fPIE
- If 10 digits are not enough to print the size of a file in an
ls-like output, bump the max number of digits to 18. This adds support for
files up to 1 exabyte.
- Don\'t display dot files (except . and ..) if dot_read_ok is 0 in
donlist() - but not in sglob() yet. This change is purely cosmetic. There are
many ways to figure out if a file exists.
- document bnc#756306: pure-ftpd umask setting not working properly

* /etc/pure-ftpd/pure-ftpd.conf contains a note about a side-effect of pam_umask
- add native pure-ftpd.service for systemd-powered systems
- use the same way how to start the daemon in sysvinit script and put
$remote_fs dependency
usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf --daemonize

Wed Jun 22 14:00:00 2011 mvyskocilAATTsuse.cz
- fix bnc#700611 - pure-ftpd fails with pam

* pure-ftpd-1.0.32-cap-audit-write.patch

Fri May 27 14:00:00 2011 alexandreAATTexatati.com.br
- Update to 1.0.32:
- Support SHA1 password hashing in MySQL and PostgreSQL backends
- Support for braces expansion in directory listings has been
disabled - Cf. CVE-2011-0418
- Aditional changes FROM 1.0.31:
- Introduce --tlsciphersuite (-J) to set the list of allowed ciphers,
thanks to Todd Rinaldo.
- The -F switch has been documented in the built-in help.
- Shell-like escaping is now partially handled when emulating the \"ls\"
command.
- Use my_make_scrambled_password() instead of make_scrambled_password().
Suggested by Arkadiusz Miskiewicz.
- Refresh and fix patch for [bnc#407363]:
- old: patch pure-ftpd-1.0.22-default_tcp_sedrcv_buffer_size.patch
- new: patch pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch
- Refresh PassivePortRange patch:
- old: pure-ftpd-1.0.21-portrange.patch
- new: pure-ftpd-1.0.32-portrange.patch

Mon Apr 11 14:00:00 2011 mvyskocilAATTsuse.cz
- update to 1.0.30

* pure-quotacheck can now work with a large number of files.

* OPTS UTF-8 is now an alias to OPTS UTF8.

* Fix a STARTTLS flaw similar to Postfix’s CVE-2011-0411. If you’re using
TLS, upgrading is recommended.

* Provide ANSI-compliant MySQL configuration example.

* Fix some issues with man pages.

Thu Oct 7 14:00:00 2010 mvyskocilAATTsuse.cz
- add pure-ftpd-1.0.22-oes-bugfix-534424.patch for tracking OES patches
- use macro with_oes to determine if OES patches might be applied or not

Tue Sep 14 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- Use with-rfc2640 [bnc#638626]

Tue Jul 20 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- add missing buildRequires on libcap-devel

Tue May 25 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- $remote_fs --> network-remotefs

Fri May 14 14:00:00 2010 alexandreAATTexatati.com.br
- Added \"--with-virtualchroot\" option;
- Spec file cleaned with spec-cleaner;
- updated to version 1.0.29:
- max_dlmap_size was size_t instead off_t, causing misalignment while
downloading > 4 Gb files on a 32-bits arch.
- pread() vs lseek()+read() was a useless optimization, since pread()
doesn\'t change the file position and further reads weren\'t going through
plain read() calls.
- iconv_fd_
* should be initialized by (iconv_t) -1 as we test them upon
exit. Fixes segfaults on glibc.
- pure-uploadscript tries to reach the pipe during 30 seconds instead of 10.
- changes in version 1.0.28:
- FTPD_PAM_SERVICE_NAME can be defined in order to change the PAM service
name.
- When an upload gets renamed (--autorename), send the new name to the
uploadscript instead of the original one.
- The ALLO command now checks for the actual disk space in addition to the
virtal quota.
- Work around OSX broken poll()
- After an atomic resumed upload, don\'t append the previous file size to the
quota.
- Always accept OPTS UTF8 ON, but refuse OPTS UTF8 OFF if client_charset is
UTF8.
- Fix AUTHD_ENCRYPTED
- Reset the CWD failures counter after a successful directory has been
created. It avoids spurious disconnections with ncftp.
- Support for iPhone has been moved to another branch.
- Fix crash with PostgreSQL.

Fri Feb 12 13:00:00 2010 msebenAATTnovell.com
- updated to version 1.0.27:
- Have pureftpd_shutdown() shut the server down even if a client is
connected on iPhone.
- Allow users with no quota to delete .pureftpd-upload-
* files.
- Unbreak ipv6 support, reported by Brad Smith.
- Disable SSLv3 renegotiation if an old SSL library is used. If you really
want to re-enable SSLv3 renegotiation, even with a recent library, you can
always define ACCEPT_SSL_RENEGOTIATION.
- changes in version 1.0.26:
- Fix incompatibilities with Cyberduck when TLS is enabled.
- Don\'t TLS_accept() immediately after accept(). Reply on the connection
socket first, so that clients don\'t have to wait before knowing that they
can actually use TLS. It avoids lags with LFTP and hangs with Cyberduck.
- Properly change the process name on Linux when the -S option is used, by
Margus Kaidja.
- Unbreak authentication of non-chrooted users. Thanks to Juergen Daubert
for the bug report.
- changes in version 1.0.25:
- Show symlinks as symlinks in MLSD, except when the broken client
compatibility mode is turned on and links are not dangling (just like the
old LIST and NLIST commands). Reported by Mime Cuvalo.
- More gcc 2 compatibility, thanks to Todd Rinaldo.
- Properly handle custom paths in man pages. Thanks to Scott Haneda and
Mathieu Parisot.
- Have $localstatedir default to /var as it used to be unless
- -localstatedir=... is explicitely passed to ./configure
- Use AATTVERSIONAATT in man pages.
- --without-pam disables PAM on OSX and iPhone.
- Allow cross-compilation.
- Experimental iPhone target.
- Change the way it links, building a library first.
- Don\'t use mmap() any more for downloads. It\'s too slow.
- Don\'t use hard-coded paths in order to find MySQL and PostgreSQL
libraries and header files. Use mysql_config and pg_config instead.
Suggested by John Alberts.
- Log the DELE command similar to the RETR and STOR commands. Suggested by
Martin Fuxa.
- The primary group gets cached so that it\'s always displayed in directory
listings.
- Avoid a client process to burn CPU in an infinite loop if the command
channel gets disconnected before the data channel. Reported by Thomas Min
and Margus Kaidja.
- Restore the traditional behavior of a download restarting at the end of a
file. For some weird reasons, some clients still insist on doing that. Don\'t
send a 55x return code, just let them download... nothing.
- Documentation updates.
- changes in version 1.0.24:
- Refuse empty passwords in LDAP bind mode. Reported by Henning Brauer.
- The package can now be compiled with gcc 2.
- changes in version 1.0.23:
- LDAP: accept \"enabled\" as a correct value for FTPStatus as it used to be.
- More useful error logging for OpenSSL errors.
- Don\'t read certificates twice.
- Fix compilation on Solaris with privsep, thanks to Ritesh Patel.
- Don\'t replace : (as in IPv6 addresses) in host names. Thanks to Tero Pelander.
- Add SUP top AUXILIARY to LDAP schema, suggested by Zhang Huangbin.
- Don\'t ignore dot files even if -D is not supplied with the MLSD command.
- Deinline code
- Throttling more reliable
- STAT is now working over TLS
- DH keys for ephemeral key exchange are now handled
- Fix libiconv checking
- The column was missing in the PassivePortRange comment (thanks to Igor Alexadrov)
- LDAP authentication through binding is now possible in addition to
passwords. This allows for the FTP server to run with an unprivileged LDAP
account. It also adds a warning if auth method password is used and doesn\'t find
a userPassword attribute. This usually indicates that the LDAP bind DN
cannot read the attributes, because it doesn\'t have sufficient privileges.
Contributed by Wilco Baan Hofman.
- Perform charset conversions on directory names. Issue spotted by Xianghu Zhao.
- Almost a complete rewrite of the upload, download and TLS code for more
reliability
- Seemlessly handle ABOR without any SIGURG
- Try to immediately handle any kind of disconnection
- Use poll() rather than select() as much as possible
- Distinguish aborted (even the hard way) and completed download and upload
operations in log files
- Minor corrections to he French messages
- Don\'t use atomic uploads unless --notruncate or --autorename have been
enabled
- Take care of removing .pureftpd-upload-
* files in every possible case
- List up to 10000 files per directory per default instead of 2000
- Don\'t mess with TCP_NOPUSH, as it interferes with OpenSSL
- New compile-time option: --with-implicittls in order to build a FTPS-only
server
- ./configure --localstatedir can now be used in order to avoid storing the
scoreboard and other dynamic files in /var/run/
- Quota handling reworked (easier, and way more reliable)
- RNTO support even when quota are enabled.
- A bunch of return codes were fixed to be more RFC-conformant.
- ALLO command is now actually checking if an upload can occur without
blowing the quota.
- Don\'t change the TCP window size. Admins should do this as part of their
system configuration.
- Privsep is now enabled by default. Use --without-privsep to disable.
- --without-banner is gone. If you have a cookie file (-F), the default
banner won\'t be displayed.
- Compile with PAM by default on OSX.
- Switch the privsep process to _pure-ftpd or pure-ftpd when no privileged
call is actually necessary. Since only the effective uid chances, it\'s not
brutally useful yet, but it paves the way for forthcoming changes.
- Install man pages with local paths instead of hard-coded ones.

Tue Jan 12 13:00:00 2010 msebenAATTnovell.com
- modified portrange.patch - for PassivePortRange option in pure-ftpd.conf
we could use now also syntax without colon (bnc#547578)
- merged config.patch with config_minuid.patch

Fri Jun 5 14:00:00 2009 cooloAATTnovell.com
- fix build

Mon May 25 14:00:00 2009 hvogelAATTsuse.de
- Update to version 1.0.22
- New catalan translation
- TLS support for LDAP
- Fix usage of MySQL 5 stored procedures
- Compatibility with newer OpenLDAP versions
- Don\'t hang up during uploads if we get any other command than QUIT and
ABORT.
- SITE UTIME reads UTC time
- A space is needed for inline content in response to the MLST command.
- Time zone issues should be fixed for good. We have to redefine TZ,
tzset() is not enough on Linux when we are in a chroot environment.
- Correctly respond to FEAT without removing extra features when passive
mode is disabled. Thanks to upb.
- Better process name change setup for Linux.
- Auto-created home directories are now created with mode 0777 (and
directory umask is applied), per common request. It\'s very important to
double check your umask.
- Extend gid / uid to 10 digits in ls output. Extend file size as well.
- Brazilian portuguese translation was updated.
- Fix SecureFX compatibility.
- Use PQescapeStringConn() for PostgreSQL instead of hand-made escaping.
- Don\'t respond to server that an upload succeeded before the temporary
file has been renamed.
- TLS support on data channels
- Use sendfile() on recent Solaris versions in place of sendfilev().
- Don\'t use a deprecated interface for Bonjour registration.
- Tell authentication handlers if the connection is encrypted or not,
through a new AUTHD_ENCRYPTED environment variable.
- Create all directories, not only the basement when on-demand directory
creation is enabled and the user\'s home directory looks like /basement/./user.
- Fixed error reporting when TLS support was compiled in, but TLS wasn\'t
enabled on the current session
- Log full path on file deletion
- Handle \"ftp\" and \"anonymous\" like normal accounts (with passwords) if -E
(no anonymous logins) is specified. Thanks to Arkadiusz Miskiewicz.
- Sleep before answering a password failure, not the other way round
- In broken mode, show symlinks as their real target. It can have side
effects, don\'t forget that broken mode is... broken mode.
- Respect aliasing rules for sockaddr_storage usage.
- Privsep is enabled by default in the installation GUI.
- --with-everything now includes privsep.
- update: fix compilation with gcc 2.x


  
ICM