pool/pure-ftpd
SHA256
6
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
pure-ftpd/pure-ftpd-1.0.50.tar.bz2.minisig
Peter Simons a3d9a0ea7d Accepting request 947558 from home:1Antoine1:branches:network 
- Update to version 1.0.50:
  * Support for MD5, SHA1 and MySQL PASSWORD() function were removed for
    password hashing. You should now use scrypt, argon2 or the system crypt(3)
    function.
  * Soft fail if a USER command is received without TLS and the server is
    configured to enforce TLS. Previously, the session was immediately closed,
    but that was too brutal for some clients.
  * Allow connections from the class E network range -- apparently
    required in some cases when using Linux containers.
  * Large file listings used to require way more stack allocations than
    necessary, possibly reaching hard-coded limits and causing a forced
    session close. This has been fixed. (boo#1160111, CVE-2019-20176)
  * The SPSV command has been removed.
  * Under some circunstances, the server would not start when configured
    with directory aliases. This has been fixed.
  * PostgreSQL: hard-coded global configuration strings were not escaped.
    This has been fixed.
  * A warning is now printed when a transfer happens in ASCII mode, as
    this is rarely intentional.
  * Compilation with --without-ascii is now possible again.
  * Configuration options for features that have been disabled at
    compile-time are not parsed any more.
  * When virtual quotas were configured, files were removed after an
    upload if the size quota was exceeded, but not during the upload. This
    has been fixed. (boo#1190205, CVE-2021-40524)
  * A configuration file can now include other files with the `Include`
    directive.
  * Fix an out-of-bound read (boo#1164805, CVE-2020-9365).
  * Fix a potential uninitialized pointer vulnerability (boo#1165134,
    CVE-2020-9274).

OBS-URL: https://build.opensuse.org/request/show/947558
OBS-URL: https://build.opensuse.org/package/show/network/pure-ftpd?expand=0&rev=85
2022-01-24 08:45:36 +00:00

5 lines
319 B
Plaintext
Raw Blame History

untrusted comment: signature from minisign secret key
RUQf6LRCGA9i57aBgT/tiGx1u6egpneerHNFnVcTxn+xTzczo+eqq4KwdZAzUobaHqAyMnIfL/qXmrDamBDNMBCRT6yOGR2XKwc=
trusted comment: timestamp:1637704947 file:pure-ftpd-1.0.50.tar.bz2 hashed
u6gmbzYNFi0OfccBzyL1Qs+/7N+1xSPrle1LEKJ4mfacBqqVPmdL7QGUTFYBlRhp1w4R36gBvvAt34/aMQePBw==
Reference in New Issue View Git Blame Copy Permalink