SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for proftpd-debugsource-1.3.8b-lp160.1.7.x86_64.rpm :

* Thu Feb 29 2024 Dominique Leuenberger - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN.
* Wed Jan 03 2024 chrisAATTcomputersalat.de- Update changes file
* add missing boo#1218144 (CVE-2023-48795) info
* add missing CVE-2023-51713 info
* Wed Dec 27 2023 chrisAATTcomputersalat.de- 1.3.8b - Released 19-Dec-2023 fix for boo#1218144 (CVE-2023-48795)
* http://proftpd.org/docs/NEWS-1.3.8b
* Implemented mitigations for \"Terrapin\" SSH attack (CVE-2023-48795).- rebase patch
* proftpd-no_BuildDate.patch
* Thu Nov 02 2023 chrisAATTcomputersalat.de- 1.3.8a - Released 08-Oct-2023 fix for boo#1218344 (CVE-2023-51713): gh#1683 - Out-of-bounds buffer read when handling FTP commands. https://github.com/proftpd/proftpd/issues/1683
* http://proftpd.org/docs/NEWS-1.3.8a
* Fixed builds when using OpenSSL 3.x
* Wed Jan 25 2023 chrisAATTcomputersalat.de- 1.3.7f - Released 04-Dec-2022
* Issue 1533 - mod_tls module unexpectedly allows TLS handshake after authentication in some configurations.
* Bug 4491 - unable to verify signed data: signature type \'rsa-sha2-512\' does not match publickey algorithm \'ssh-rsa\'.
* Mon Jan 16 2023 Stefan Schubert - Migration of PAM settings to /usr/lib/pam.d.
* Thu Sep 01 2022 chrisAATTcomputersalat.de- Update proftpd-basic.conf.patch
* remove obsolete config option, LoginPasswordPrompt- rework proftpd-dist.patch
* Tue Aug 09 2022 chrisAATTcomputersalat.de- 1.3.7e - Released 23-Jul-2022
* Issue 1448 - Ensure that mod_sftp algorithms work properly with OpenSSL 3.x.- 1.3.7d - Released 23-Apr-2022
* Issue 1321 - Crash with long lines in AuthGroupFile due to large realloc(3).
* Issue 1325 - NLST does not behave consistently for relative paths.
* Issue 1346 - Implement AllowForeignAddress class matching for passive data transfers.
* Bug 4467 - DeleteAbortedStores removes successfully transferred files unexpectedly.
* Issue 1401 - Keepalive socket options should be set using IPPROTO_TCP, not SOL_SOCKET.
* Issue 1402 - TCP keepalive SocketOptions should apply to control as well as data connection.
* Issue 1396 - ProFTPD always uses the same PassivePorts port for first transfer.
* Issue 1369 - Name-based virtual hosts not working as expected after upgrade from 1.3.7a to 1.3.7b.- rebase proftpd-no_BuildDate.patch
* Sun Mar 27 2022 chrisAATTcomputersalat.de- fix deps for SLES
* Sat Mar 26 2022 chrisAATTcomputersalat.de- remove configure --disable-static
* Tue Mar 01 2022 chrisAATTcomputersalat.de- Update to version 1.3.7c:
* http://proftpd.org/docs/NEWS-1.3.7c
* http://proftpd.org/docs/RELEASE_NOTES-1.3.7c- Update patches
* harden_proftpd.service.patch
* proftpd-ftpasswd.patch
* proftpd-no_BuildDate.patch
* proftpd.spec
* proftpd_env-script-interpreter.patch
* Wed Oct 20 2021 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_proftpd.service.patch Modified:
* proftpd.service
* Thu Nov 19 2020 Dominique Leuenberger - Update to version 1.3.6e: + Invalid SCP command leads to null pointer dereference.- Do not limit to openSSL < 1.1: proftpd has had support for openSSL 1.1 sice version 1.3.6a.- Rebase proftpd-no_BuildDate.patch.
* Fri Jun 05 2020 chrisAATTcomputersalat.de- update to 1.3.6d
* Issue 857 - Fixed regression in the handling of `%{env:...}` configuration variables when the environment variable is not present.
* Issue 940 - Second LIST of the same symlink shows different results.
* Issue 959 - FTPS uploads using TLSv1.3 are likely to fail unexpectedly.
* Issue 980 - mod_sftp sends broken response when CREATETIME attribute is requested.
* Bug 4398 - Handle zero-length SFTP WRITE requests without error.
* Issue 1018 - PidFile should not be world-writable.
* Issue 1014 - TLSv1.3 handshake fails due to missing session ticket key on some systems.
* Issue 1023 - Lowercased FTP commands not properly identified.- rebase proftpd-no_BuildDate.patch
* Mon Feb 24 2020 chrisAATTcomputersalat.de- fix for boo#1164572 (CVE-2020-9272, gh#902)- fix for boo#1164574 (CVE-2020-9273, gh#903)- update to 1.3.6c
* Fixed regression in directory listing latency (Issue #863).
* Detect OpenSSH-specific formatted SFTPHostKeys, and log hint for converting them to supported format.
* Fixed use-after-free vulnerability during data transfers (Issue #903).
* Fixed out-of-bounds read in mod_cap by updating the bundled libcap (Issue #902).- remove obsolete proftpd-tls-crls-issue859.patch- rebase patches
* proftpd-ftpasswd.patch
* proftpd-no_BuildDate.patch
* proftpd_env-script-interpreter.patch
* Sat Feb 01 2020 chrisAATTcomputersalat.de- cleanup tls.template
* remove deprecated NoCertRequest from TLSOptions
* Sat Dec 28 2019 chrisAATTcomputersalat.de- fix changes file
* add missing info about boo#1155834
* add missing info about boo#1154600- fix for boo#1156210
* GeoIP has been discontinued by Maxmind
* remove module build for geoip see https://support.maxmind.com/geolite-legacy-discontinuation-notice/- fix for boo#1157803 (CVE-2019-19269), boo#1157798 (CVE-2019-19270)
* add upstream patch proftpd-tls-crls-issue859.patch
* Sun Nov 03 2019 chrisAATTcomputersalat.de- fix for boo#1154600 (CVE-2019-18217, gh#846)- update to 1.3.6b
* Fixed pre-authentication remote denial-of-service issue (Issue #846).
* Backported fix for building mod_sql_mysql using MySQL 8 (Issue #824).- update to 1.3.6a
* Fixed symlink navigation (Bug#4332).
* Fixed building of mod_sftp using OpenSSL 1.1.x releases (Issue#674).
* Fixed SITE COPY honoring of restrictions (Bug#4372).
* Fixed segfault on login when using mod_sftp + mod_sftp_pam (Issue#656).
* Fixed restarts when using mod_facl as a static module- remove obsolete proftpd-CVE-2019-12815.patch
* included in 1.3.6a (Bug#4372)- add proftpd_env-script-interpreter.patch
* RPMLINT fix for env-script-interpreter (Badness: 9)
* Sat Nov 02 2019 Martin Hauke - fix for boo#1155834
* Add missing Requires(pre): group(ftp) for Leap 15 and Tumbleweed
* Add missing Requires(pre): user(ftp) for Leap 15 and Tumbleweed
* Wed Oct 02 2019 Bernhard Wiedemann - Update proftpd-dist.patch to use pam_keyinit.so (boo#1144056)
* Fri Aug 02 2019 chrisAATTcomputersalat.de- fix for boo#1142281 (CVE-2019-12815, bpo#4372) arbitrary file copy in mod_copy allows for remote code execution and information disclosure without authentication- add patch
* proftpd-CVE-2019-12815.patch taken from: - http://bugs.proftpd.org/show_bug.cgi?id=4372 - https://github.com/proftpd/proftpd/commit/a73dbfe3b61459e7c2806d5162b12f0957990cb3
* Mon Jul 01 2019 chrisAATTcomputersalat.de- update changes file
* add missing info about bugzilla 1113041
* Tue Mar 26 2019 Jan Engelhardt - Fix the Factory build: select the appropriate OpenSSL version to build with. (fix for boo#1113041)
* Wed Mar 20 2019 Jan Engelhardt - Reduce hard dependency on systemd to only that which is necessary for building and installation.- Modernize RPM macro use (%make_install, %tmpfiles_create).- Strip emphasis from description and trim other platform mentions.
* Wed Jul 11 2018 chrisAATTcomputersalat.de- update to 1.3.6
* Support for using Redis for caching, logging; see the doc/howto/Redis.html documentation.
* Fixed mod_sql_postgres SSL support (Issue #415).
* Support building against LibreSSL instead of OpenSSL (Issue #361).
* Better support on AIX for login restraictions (Bug #4285).
* TimeoutLogin (and other timeouts) were not working properly for SFTP connections (Bug#4299).
* Handling of the SIGILL and SIGINT signals, by the daemon process, now causes the child processes to be terminated as well (Issue #461).
* RPM .spec file naming changed to conform to Fedora guidelines.
* Fix for \"AllowChrootSymlinks off\" checking each component for symlinks (CVE-2017-7418). - New Modules:
* mod_redis, mod_tls_redis, mod_wrap2_redis With Redis now supported as a caching mechanism, similar to Memcache, there are now Redis-using modules: mod_redis (for configuring the Redis connection information), mod_tls_redis (for caching SSL sessions and OCSP information using Redis), and mod_wrap2_redis (for using ACLs stored in Redis). - Changed Modules:
* mod_ban The mod_ban module\'s BanCache directive can now use Redis-based caching; see doc/contrib/mod_ban.html#BanCache. - New Configuration Directives
* SQLPasswordArgon2, SQLPasswordScrypt The key lengths for Argon2 and Scrypt-based passwords are now configurable via these new directives; previously, the key length had been hardcoded to be 32 bytes, which is not interoperable with all other implementations (Issue #454). - Changed Configuration Directives
* AllowChrootSymlinks When \"AllowChrootSymlinks off\" was used, only the last portion of the DefaultRoot path would be checked to see if it was a symlink. Now, each component of the DefaultRoot path will be checked to see if it is a symlink when \"AllowChrootSymlinks off\" is used.
* Include The Include directive can now be used within a section, e.g.: Include /path/to/allowed.txt DenyAll - API Changes
* A new JSON API has been added, for use by third-party modules.- remove obsolete proftpd_include-in-limit-section.patch- rebase patches
* proftpd-ftpasswd.patch
* proftpd-no_BuildDate.patch
* Tue Jul 10 2018 chrisAATTcomputersalat.de- update to 1.3.5e
* Fixed SFTP issue with umac-64AATTopenssh.com digest/MAC.
* Fixed regression with mod_sftp rekeying.
* Backported fix for \"AllowChrootSymlinks off\" checking each component for symlinks (CVE-2017-7418).- remove obsolete patch
* proftpd-AllowChrootSymlinks.patch (now included)- rebase patches
* proftpd-dist.patch
* proftpd-no_BuildDate.patch
* proftpd_include-in-limit-section.patch
* Fri Jul 21 2017 bwiedemannAATTsuse.com- Sort SHARED_MODS list to fix build compare (boo#1041090)
* Fri Jun 16 2017 nmoudraAATTsuse.com- Removed xinetd service
* Fri Apr 07 2017 chrisAATTcomputersalat.de- fix for boo#1032443 (CVE-2017-7418)
* AllowChrootSymlinks not enforced by replacing a path component with a symbolic link
* add upstream commit (ecff21e0d0e84f35c299ef91d7fda088e516d4ed) as proftpd-AllowChrootSymlinks.patch- fix proftpd-tls.template
* reduce TLS protocols to TLSv1.1 and TLSv1.2
* disable TLSCACertificateFile
* add TLSCertificateChainFile
* Thu Mar 23 2017 jengelhAATTinai.de- Remove --with-pic, there are no static libs.- Replace %__-type macro indirections.- Replace old $RPM shell vars by macros.
* Mon Mar 06 2017 chrisAATTcomputersalat.de- fix and update proftpd-basic.conf.patch- add some sample config and templates for tls
* proftpd-tls.template
* proftpd-limit.conf
* proftpd-ssl.README
* Sun Feb 05 2017 chrisAATTcomputersalat.de- backport upstream feature
* include-in-limit-section (gh#410)
* add proftpd_include-in-limit-section.patch
* Tue Jan 17 2017 chrisAATTcomputersalat.de- update to 1.3.5d
* gh#4283 - All FTP logins treated as anonymous logins again. This is a regression of gh#3307.
* Sun Jan 15 2017 chrisAATTcomputersalat.de- update to 1.3.5c
* SSH rekey during authentication can cause issues with clients.
* Recursive SCP uploads of multiple directories not handled properly.
* LIST returns different results for file, depending on path syntax.
* \"AuthAliasOnly on\" in server config breaks anonymous logins.
* CapabilitiesEngine directive not honored for / sections.
* Support OpenSSL 1.1.x API.
* Memory leak when mod_facl is used.-rebase proftpd-no_BuildDate.patch
* Sat Aug 27 2016 chrisAATTcomputersalat.de- fix systemd vs SysVinit
* Sun May 08 2016 jengelhAATTinai.de- Remove redundant spec sections- Ensure systemd-tmpfiles is called for the provied config file
* Sun May 08 2016 chrisAATTcomputersalat.de- fix for boo#970890 (CVE-2016-3125)- update to 1.3.5b: http://www.proftpd.org/docs/RELEASE_NOTES-1.3.5b
* SSH RSA hostkeys smaller than 2048 bits now work properly.
* MLSD response lines are now properly CRLF terminated.
* Fixed selection of DH groups from TLSDHParamFile.- rebase proftpd-no_BuildDate.patch
* Sun May 31 2015 chrisAATTcomputersalat.de- fix for boo#927290 (CVE-2015-3306)- update to 1.3.5a: See http://www.proftpd.org/docs/NEWS-1.3.5a- rebase patches
* proftpd-ftpasswd.patch
* proftpd-no_BuildDate.patch- remove gpg-offline dependency- fix permissions on passwd file
* unable to use world-readable AuthUserFile \'.../passwd\' (perms 0644):
* 0644 -> 0440
* Mon Sep 01 2014 andreas.stiegerAATTgmx.de- ProFTPD 1.3.5
* Added support for SHA-256, SHA-512 password hashes to the ftpasswd tool
* New Modules mod_geoip, mod_log_forensic, mod_rlimit, mod_snmp, mod_dnsbl
* mod_sftp now supports ECC, ECDSA, ECDH
* Improved FIPS support in mod_sftp.
* mod_sftp module now honors the MaxStoreFileSize directive.
* Many new and changed configuration directives- update proftpd-no_BuildDate.patch
* Mon Sep 01 2014 andreas.stiegerAATTgmx.de- proftpd 1.3.4e: Multiple other backported fix from the 1.3.5 branch. See http://www.proftpd.org/docs/NEWS-1.3.4e- The fix for the mod_sftp/mod_sftp_pam memory allocation (CVE-2013-4359) contained in this release was previously patched into the package.- adjust proftpd-no_BuildDate.patch for context changes- remove proftpd-sftp-kbdint-max-responses-bug3973.patch, upstream
* Tue Mar 25 2014 crrodriguezAATTopensuse.org- Remove tcpd-devel from buildRequires and mod_wrap. support for tcp_wrappers style /etc/hosts.
* is provided by mod_wrap2_file instead, the latter does not require tcpd.
* Mon Mar 17 2014 chrisAATTcomputersalat.de- fix for bnc#844183
* proftpd fails to start due to missing /run/proftpd- add own tmpfiles.d file
* proftpd.tmpfile
* Thu Oct 03 2013 chrisAATTcomputersalat.de- update to 1.3.4d
* Fixed broken build when using --disable-ipv6 configure option
* Fixed mod_sql \"SQLAuthType Backend\" MySQL issues- fix for bnc#843444 (CVE-2013-4359)
* http://bugs.proftpd.org/show_bug.cgi?id=3973
* add proftpd-sftp-kbdint-max-responses-bug3973.patch
* Mon Jul 29 2013 crrodriguezAATTopensuse.org- Improve systemd service file- use upstream tmpfiles.d file. related to [bnc#811793]- Use /run instead of /var/run
* Wed May 01 2013 chrisAATTcomputersalat.de- update to 1.3.4c
* Added Spanish translation.
* Fixed several mod_sftp issues, including SFTPPassPhraseProvider, handling of symlinks for REALPATH requests, and response code logging.
* Fixed symlink race for creating directories when UserOwner is in effect.
* Increased performance of FTP directory listings.- rebase and rename patches (remove version string)
* proftpd-1.3.4a-dist.patch -> proftpd-dist.patch
* proftpd-1.3.4a-ftpasswd.patch -> proftpd-ftpasswd.patch
* proftpd-1.3.4a-strip.patch -> proftpd-strip.patch
* Fri Feb 08 2013 chrisAATTcomputersalat.de- fix proftpd.conf (rebase basic.conf patch)
* IdentLookups is now a seperate module IdentLookups on/off is needed and module is not built cause crrodriguez disabled it.
* Thu Nov 29 2012 sbrabecAATTsuse.cz- Verify GPG signature.
* Fri Nov 02 2012 chrisAATTcomputersalat.de- fix for bnc#787884 (https://bugzilla.novell.com/show_bug.cgi?id=787884)
* added extra Source proftpd.conf.tmpfile
* Thu Aug 30 2012 crrodriguezAATTopensuse.org- Disable ident lookups, this protocol is totally obsolete and dangerous. (add --disable-ident)- Fix debug info generation ( add --disable-strip)
* Wed Aug 29 2012 crrodriguezAATTopensuse.org- Add systemd unit
* Tue Aug 14 2012 chrisAATTcomputersalat.de- update to 1.3.4b + Fixed mod_ldap segfault on login when LDAPUsers with no filters used. + Fixed sporadic SFTP upload issues for large files. + Fixed SSH2 handling for some clients (e.g. OpenVMS). + New FactsOptions directive; see doc/modules/mod_facts.html#FactsOptions + Fixed build errors on Tru64, AIX, Cygwin.- add Source Signatuire (.asc) file- add noBuildDate patch- add lang pkg
* --enable-nls- add configure option
* --enable-openssl, --with-lastlog
* Mon Dec 12 2011 chrisAATTcomputersalat.de- update to 1.3.4a + Fixed mod_load/mod_wrap2 build issues.- 1.3.4 + New \"NoEmptyFragments\" TLSOption added; see the TLSOptions documentation for details. + Improved configure script for cross-compiling. + Reworked the proftpd.spec RPM file + Fixed mod_sql_mysql \"Alarm clock\" bug on FreeBSD. + New \"IgnoreSFTPSetTimes\" SFTPOption added; see the SFTPOptions documentation for details. + Fixed response pool use-after-free issue.- for more info please see the RELEASE_NOTES file- reworked patches
* now p0 patches
* Fri Nov 18 2011 chrisAATTcomputersalat.de- fix for bnc#731347
* no (hostname -s) in post section
* reworked basic conf patch
* Fri Nov 11 2011 chrisAATTcomputersalat.de- fix changelog
* RELEASE_NOTES-1.3.3g is lacking of important info- fix for CVE-2011-4130 (bnc#729830)
* https://bugzilla.novell.com/show_bug.cgi?id=729830 (upstream) http://bugs.proftpd.org/show_bug.cgi?id=3711 => fixed with version 1.3.3g
* Thu Nov 10 2011 chrisAATTcomputersalat.de- update to 1.3.3g (http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3g) + New \"NoEmptyFragments\" TLSOption added; see the TLSOptions documentation for details. + Fixed mod_sql_mysql \"Alarm clock\" bug on FreeBSD. (http://www.proftpd.org/docs/NEWS-1.3.3g) - Bug 3702 - ProFTPD with mod_sql_mysql dies of \"Alarm clock\" on FreeBSD. - Bug 3704 - Enable OpenSSL countermeasure against SSLv3/TLSv1 BEAST attacks. To disable this countermeasure, which may cause interoperability issues with some clients, use the NoEmptyFragments TLSOption. - Bug 3711 - Response pool use-after-free memory corruption error.
* Tue Oct 04 2011 chrisAATTcomputersalat.de- update to 1.3.3f + Fixes segfault if mod_sql_mysql and \"SQLAuthenticate groupsetfast\" configuration used. + Fixes mod_wrap syslog level (regression from Bug#3317). + Fixes mod_ifsession segfault if regular expression patterns used in a section.
* Fri Apr 29 2011 chrisAATTcomputersalat.de- push to Factory o fix changelog (not in sequence) o fix license (GPL -> GPLv2+) o remove Author from description o remove obsolete extra source proftpd.conf
* Fri Apr 08 2011 chrisAATTcomputersalat.de- update to 1.3.3e + Display messages work properly again. + Fixes plaintext command injection vulnerability in FTPS implementation (i.e. mod_tls). See http://bugs.proftpd.org/show_bug.cgi?id=3624 for details. + Fixes CVE-2011-1137 (badly formed SSH messages cause DoS). See http://bugs.proftpd.org/show_bug.cgi?id=3586 for details. + Performance improvements, especially during server startup/restarts.
* Sun Jan 30 2011 chrisAATTcomputersalat.de- update to 1.3.3d + Fixed sql_prepare_where() buffer overflow (Bug#3536) + Fixed CPU spike when handling .ftpaccess files. + Fixed handling of SFTP uploads when compression is used.
* Fri Oct 22 2010 msebenAATTgmail.com- update to 1.3.3c + Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925) + Fixed directory traversal bug in mod_site_misc + Fixed SQLite authentications using \"SQLAuthType Backend\"
* Fri Oct 22 2010 chrisAATTcomputersalat.de- clenaup spec- fix doc pkg o should not provide pkgconfig
* Fri Oct 15 2010 chrisAATTcomputersalat.de- update to 1.3.3b + Fixed SFTP directory listing bug + Avoid corrupting utmpx databases on FreeBSD + Avoid null pointer dereferences during data transfers + Fixed \"AuthAliasOnly on\" anonymous logins- rpmlint: no-pkg-config-provides o add BuildReq pkg-config- removed changes from spec
* Wed Jul 07 2010 chrisAATTcomputersalat.de- update to 1.3.3a + Added Japanese translation + Many mod_sftp bugfixes + Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later + Fixed handling of utmp/utmpx format changes on FreeBSD- rpmlint: self-obsoletion
* Wed May 05 2010 msebenAATTnovell.com- fix build : dir-or-file-in-var-run badness : /var/run/proftpd dir is marked as ghost and it is created in init script now
* Fri Apr 09 2010 msebenAATTnovell.com- added ncurses-devel to buildrequires to fix ftptop message : \"no curses or ncurses library on this system\"
* Fri Feb 26 2010 chrisAATTcomputersalat.de- added info for \"STABLE\" versions only
* Thu Feb 25 2010 chrisAATTcomputersalat.de- update to 1.3.3 o Fixed mod_ban whitelisting using mod_ifsession. o Fixed per-user/group/class \"HideFiles none\" configurations. - 1.3.3rc4 o Fixed mod_tls compilation using OpenSSL installations older than 0.9.7. o Fixed mod_sftp compilation on AIX. o Fixed RADIUS authentication on 64-bit platforms o Fixed memory leak in SCP downloads. o New configuration directives SQLPasswordUserSalt The SQLPasswordUserSalt directive can be used to configure per-user salt data to be added to the encrypted password for a user. The salt can be the user name, or it can be the result of a SQL query. More information can be found in doc/contrib/mod_sql_passwd.html#SQLPasswordUserSalt.
* Wed Feb 10 2010 diego.ercolaniAATTgmail.com- update to 1.3.3rc3- try to be compatible with osc :-)
* Sun Dec 20 2009 chrisAATTcomputersalat.de- update to 1.3.2c o Bug and regression fixes.- removed obsolete CVE patch
* Mon Oct 26 2009 msebenAATTnovell.com- fixed CVE-2009-3639 : mod_tls security issue (bnc#549740)
* Wed Sep 16 2009 alexandreAATTexatati.com.br- Update tarball to its upstream version without bzipped patch;- Removed blank spaces at enf of lines on spec file;- Replaced tab characters on spec file.
* Wed Sep 16 2009 chrisAATTcomputersalat.de- update to 1.3.2 (1.3.2a) o many bugfixes, read ChangeLog or NEWS o include 1.3.2a upstream patch o removed old patches
* proftpd-1.3.1-umode_t.patch
* proftpd-1.3.1-O_CREAT.patch
* proftpd-1.3.1-libcap.patch
* proftpd-1.3.1-CVE-2009-0542.patch
* proftpd-1.3.1-CVE-2009-0543.patch o reworked basic.conf.patch- spec mods o removed ^#----- o removed {rel} o clean
* rm -rf RPM_BUILD_ROOT o added sub sqlite- fixed deps o BuildRequires: sqlite3-devel unixODBC-devel- rpmlint o description-shorter-than-summary o source-or-patch-not-bzipped proftpd-1.3.2a.patch
* Tue Jul 07 2009 chrisAATTcomputersalat.de- added proftpd.passwd o it is an initial passwd for virtuser and anonymous login works well with it :)
* Mon Jul 06 2009 chrisAATTcomputersalat.de- added ftpasswd.patch- rework of basic.conf patch- removed README.AIX
* Wed Apr 15 2009 chrisAATTcomputersalat.de- added basic.conf patch- added dist.patch o fix for xinetd, logrotate, pam- some more subpackages o ldap, mysql, pgsql, radius- added ftpasswd for simple virtuser support- added auth DIR /etc/proftpd/auth o passwd for virtuser- added conf.d DIR /etc/proftpd/conf.d o configs for inclusion- added log DIR /var/log/proftpd- beautify init file- beautify spec file
* Wed Feb 18 2009 msebenAATTsuse.cz- added proftpd.conf with uploads section
* Fri Feb 13 2009 msebenAATTsuse.cz- fixed sql injection vulnerability which allows remote attackers to execute arbitrary SQL commands via a \"%\" character CVE-2009-0542.patch (bnc#475316)- fixed vulnerability which allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters CVE-2009-0543.patch (bnc#475316)
* Mon Jan 26 2009 msebenAATTsuse.cz- splitted HTML doc to proftpd-doc- added %post and %postun macro to spec
* Thu Jan 22 2009 msebenAATTsuse.cz- fixed missing third argument in open function (
*-O_CREAT.patch)- disabled striping libraries (
*-no_strip.patch)- fixed configure script (
*-umode_t.patch)- added -DLDAP_DEPRECATED to CFLAGS because of deprecated ldap_init function- disabled contrib scripts for now- fixed handling _LINUX_CAPABILITY_VERSION on newer linux kernel. (proftpd-
*-libcap.patch)
* Wed Aug 20 2008 mrueckertAATTsuse.de- disabled debugging stuff for now
* Fri Oct 19 2007 mrueckertAATTsuse.de- enabled missing modules (mod_ban,mod_wrap2
*,mod_quota_radius) and replaced the hardcoded value for --with-shared with a dynamically generated list
* Sat Oct 06 2007 mrueckertAATTsuse.de- update to 1.3.1: Many bugfixes and new features like dynamic blacklisting of clients, improved SQL handling, and quotas.- added --enable-devel=coredump,nodaemon,nofork- added devel subpackage for the headers
* Wed Nov 29 2006 mrueckertAATTsuse.de- update to 1.3.0a: fixes a remote code execution. CVE-2006-5815 (http://bugs.proftpd.org/show_bug.cgi?id=2858)
  
ICM