Accepting request 90987 from home:computersalat:devel:network

fix for CVE-2011-4130 (bnc#729830) OBS-URL: https://build.opensuse.org/request/show/90987 OBS-URL: https://build.opensuse.org/package/show/network/proftpd?expand=0&rev=8
2011-11-11 13:27:22 +00:00 · 2011-11-11 13:27:22 +00:00 · a5bdec49b4
commit a5bdec49b4
parent b08f1b9495
1 changed files with 17 additions and 0 deletions
--- a/proftpd.changes
+++ b/proftpd.changes
@ -1,10 +1,27 @@
+-------------------------------------------------------------------
+Fri Nov 11 13:13:57 UTC 2011 - chris@computersalat.de
+
+- fix changelog
+  * RELEASE_NOTES-1.3.3g is lacking of important info
+- fix for CVE-2011-4130 (bnc#729830)
+  * https://bugzilla.novell.com/show_bug.cgi?id=729830
+    (upstream) http://bugs.proftpd.org/show_bug.cgi?id=3711
+  => fixed with version 1.3.3g
+
 -------------------------------------------------------------------
 Thu Nov 10 09:39:36 UTC 2011 - chris@computersalat.de

 - update to 1.3.3g
+  (http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3g)
  + New "NoEmptyFragments" TLSOption added; see the TLSOptions documentation
    for details.
  + Fixed mod_sql_mysql "Alarm clock" bug on FreeBSD.
+  (http://www.proftpd.org/docs/NEWS-1.3.3g)
+  - Bug 3702 - ProFTPD with mod_sql_mysql dies of "Alarm clock" on FreeBSD.
+  - Bug 3704 - Enable OpenSSL countermeasure against SSLv3/TLSv1 BEAST attacks.
+    To disable this countermeasure, which may cause interoperability issues
+    with some clients, use the NoEmptyFragments TLSOption.
+  - Bug 3711 - Response pool use-after-free memory corruption error.

 -------------------------------------------------------------------
 Tue Oct  4 22:03:10 UTC 2011 - chris@computersalat.de