diff --git a/proftpd-1.3.5a.tar.gz b/proftpd-1.3.5a.tar.gz deleted file mode 100644 index 171ace9..0000000 --- a/proftpd-1.3.5a.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a1f48df8539c414ec56e0cea63dcf4b8e16e606c05f10156f030a4a67fae5696 -size 29988477 diff --git a/proftpd-1.3.5a.tar.gz.asc b/proftpd-1.3.5a.tar.gz.asc deleted file mode 100644 index fe5e05e..0000000 --- a/proftpd-1.3.5a.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.9 (GNU/Linux) - -iEYEABECAAYFAlVmZ+4ACgkQt46JP6URl2pTLwCeMiXrNoRkvmHGEUFDwFwHdYIM -io8AoIxqqi320QUG1sSePFQ6Fy041WSl -=Vapu ------END PGP SIGNATURE----- diff --git a/proftpd-1.3.5b.tar.gz b/proftpd-1.3.5b.tar.gz new file mode 100644 index 0000000..90adb79 --- /dev/null +++ b/proftpd-1.3.5b.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:afc1789f2478acf88dfdc7d70da90a4fa2786d628218e9574273295d044b4fc8 +size 29992107 diff --git a/proftpd-1.3.5b.tar.gz.asc b/proftpd-1.3.5b.tar.gz.asc new file mode 100644 index 0000000..412c7dd --- /dev/null +++ b/proftpd-1.3.5b.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Comment: GPGTools - https://gpgtools.org + +iEYEABECAAYFAlbiG/wACgkQt46JP6URl2oHTQCgu/R5ZS7ekS+6d5xxrPNPgjx1 +SsQAoK6ZNVCmDi1VT30SKKGsOj89/TD9 +=8Ct3 +-----END PGP SIGNATURE----- diff --git a/proftpd-no_BuildDate.patch b/proftpd-no_BuildDate.patch index 12ab69a..646a00c 100644 --- a/proftpd-no_BuildDate.patch +++ b/proftpd-no_BuildDate.patch @@ -65,13 +65,13 @@ Index: include/version.h -#include "buildstamp.h" - /* Application version (in various forms) */ - #define PROFTPD_VERSION_NUMBER 0x0001030507 - #define PROFTPD_VERSION_TEXT "1.3.5a" + #define PROFTPD_VERSION_NUMBER 0x0001030508 + #define PROFTPD_VERSION_TEXT "1.3.5b" Index: src/main.c =================================================================== --- src/main.c.orig +++ src/main.c -@@ -2426,8 +2426,8 @@ static void standalone_main(void) { +@@ -2435,8 +2435,8 @@ static void standalone_main(void) { init_bindings(); @@ -82,7 +82,7 @@ Index: src/main.c pr_pidfile_write(); daemon_loop(); -@@ -2482,7 +2482,6 @@ static void show_settings(void) { +@@ -2491,7 +2491,6 @@ static void show_settings(void) { printf("%s", " Platform: " PR_PLATFORM " [unknown]\n"); #endif /* !HAVE_UNAME */ @@ -90,7 +90,7 @@ Index: src/main.c printf("%s", " Built With:\n configure " PR_BUILD_OPTS "\n\n"); printf("%s", " CFLAGS: " PR_BUILD_CFLAGS "\n"); -@@ -3000,7 +2999,6 @@ int main(int argc, char *argv[], char ** +@@ -3009,7 +3008,6 @@ int main(int argc, char *argv[], char ** printf("ProFTPD Version: %s", PROFTPD_VERSION_TEXT " " PR_STATUS "\n"); printf(" Scoreboard Version: %08x\n", PR_SCOREBOARD_VERSION); diff --git a/proftpd.changes b/proftpd.changes index 61872f7..6fe133a 100644 --- a/proftpd.changes +++ b/proftpd.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Sun May 8 19:25:45 UTC 2016 - chris@computersalat.de + +- fix for boo#970890 (CVE-2016-3125) +- update to 1.3.5b: + http://www.proftpd.org/docs/RELEASE_NOTES-1.3.5b + * SSH RSA hostkeys smaller than 2048 bits now work properly. + * MLSD response lines are now properly CRLF terminated. + * Fixed selection of DH groups from TLSDHParamFile. +- rebase proftpd-no_BuildDate.patch + ------------------------------------------------------------------- Sun May 31 18:54:45 UTC 2015 - chris@computersalat.de diff --git a/proftpd.spec b/proftpd.spec index d7a0601..7188255 100644 --- a/proftpd.spec +++ b/proftpd.spec @@ -1,7 +1,7 @@ # # spec file for package proftpd # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ License: GPL-2.0+ Group: Productivity/Networking/Ftp/Servers # Please save your time and do not update to "rc" versions. # We only accept updates for "STABLE" Versions -Version: 1.3.5a +Version: 1.3.5b Release: 0 Url: http://www.proftpd.org/ Source0: ftp://ftp.proftpd.org/distrib/source/%{name}-%{version}.tar.gz