forked from pool/proftpd
e01dea1699
update to 1.3.3f OBS-URL: https://build.opensuse.org/request/show/86600 OBS-URL: https://build.opensuse.org/package/show/network/proftpd?expand=0&rev=4
257 lines
8.9 KiB
Plaintext
257 lines
8.9 KiB
Plaintext
-------------------------------------------------------------------
|
|
Tue Oct 4 22:03:10 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 1.3.3f
|
|
+ Fixes segfault if mod_sql_mysql and "SQLAuthenticate groupsetfast"
|
|
configuration used.
|
|
+ Fixes mod_wrap syslog level (regression from Bug#3317).
|
|
+ Fixes mod_ifsession segfault if regular expression patterns used in
|
|
a <VirtualHost> section.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 29 11:18:55 UTC 2011 - chris@computersalat.de
|
|
|
|
- push to Factory
|
|
o fix changelog (not in sequence)
|
|
o fix license (GPL -> GPLv2+)
|
|
o remove Author from description
|
|
o remove obsolete extra source proftpd.conf
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 8 22:08:55 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 1.3.3e
|
|
+ Display messages work properly again.
|
|
+ Fixes plaintext command injection vulnerability in FTPS implementation
|
|
(i.e. mod_tls). See http://bugs.proftpd.org/show_bug.cgi?id=3624 for
|
|
details.
|
|
+ Fixes CVE-2011-1137 (badly formed SSH messages cause DoS). See
|
|
http://bugs.proftpd.org/show_bug.cgi?id=3586 for details.
|
|
+ Performance improvements, especially during server startup/restarts.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 30 20:40:10 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 1.3.3d
|
|
+ Fixed sql_prepare_where() buffer overflow (Bug#3536)
|
|
+ Fixed CPU spike when handling .ftpaccess files.
|
|
+ Fixed handling of SFTP uploads when compression is used.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 22 23:26:10 UTC 2010 - mseben@gmail.com
|
|
|
|
- update to 1.3.3c
|
|
+ Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
|
|
+ Fixed directory traversal bug in mod_site_misc
|
|
+ Fixed SQLite authentications using "SQLAuthType Backend"
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 22 17:49:06 UTC 2010 - chris@computersalat.de
|
|
|
|
- clenaup spec
|
|
- fix doc pkg
|
|
o should not provide pkgconfig
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 15 14:13:43 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 1.3.3b
|
|
+ Fixed SFTP directory listing bug
|
|
+ Avoid corrupting utmpx databases on FreeBSD
|
|
+ Avoid null pointer dereferences during data transfers
|
|
+ Fixed "AuthAliasOnly on" anonymous logins
|
|
- rpmlint: no-pkg-config-provides
|
|
o add BuildReq pkg-config
|
|
- removed changes from spec
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 7 14:17:45 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 1.3.3a
|
|
+ Added Japanese translation
|
|
+ Many mod_sftp bugfixes
|
|
+ Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later
|
|
+ Fixed handling of utmp/utmpx format changes on FreeBSD
|
|
- rpmlint: self-obsoletion
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 5 14:01:02 UTC 2010 - mseben@novell.com
|
|
|
|
- fix build : dir-or-file-in-var-run badness : /var/run/proftpd dir
|
|
is marked as ghost and it is created in init script now
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 9 15:44:32 UTC 2010 - mseben@novell.com
|
|
|
|
- added ncurses-devel to buildrequires to fix ftptop message : "no
|
|
curses or ncurses library on this system"
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 26 16:01:47 UTC 2010 - chris@computersalat.de
|
|
|
|
- added info for "STABLE" versions only
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 25 00:14:20 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 1.3.3
|
|
o Fixed mod_ban whitelisting using mod_ifsession.
|
|
o Fixed per-user/group/class "HideFiles none" configurations.
|
|
- 1.3.3rc4
|
|
o Fixed mod_tls compilation using OpenSSL installations older
|
|
than 0.9.7.
|
|
o Fixed mod_sftp compilation on AIX.
|
|
o Fixed RADIUS authentication on 64-bit platforms
|
|
o Fixed memory leak in SCP downloads.
|
|
o New configuration directives
|
|
SQLPasswordUserSalt
|
|
The SQLPasswordUserSalt directive can be used to configure
|
|
per-user salt data to be added to the encrypted password
|
|
for a user. The salt can be the user name, or it can be
|
|
the result of a SQL query. More information can be found in
|
|
doc/contrib/mod_sql_passwd.html#SQLPasswordUserSalt.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 10 16:10:32 CET 2010 - diego.ercolani@gmail.com
|
|
|
|
- update to 1.3.3rc3
|
|
- try to be compatible with osc :-)
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Dec 20 19:39:10 UTC 2009 - chris@computersalat.de
|
|
|
|
- update to 1.3.2c
|
|
o Bug and regression fixes.
|
|
- removed obsolete CVE patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 26 12:35:29 UTC 2009 - mseben@novell.com
|
|
|
|
- fixed CVE-2009-3639 : mod_tls security issue (bnc#549740)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 16 18:17:04 UTC 2009 - alexandre@exatati.com.br
|
|
|
|
- Update tarball to its upstream version without
|
|
bzipped patch;
|
|
- Removed blank spaces at enf of lines on spec file;
|
|
- Replaced tab characters on spec file.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 16 11:20:20 UTC 2009 - chris@computersalat.de
|
|
|
|
- update to 1.3.2 (1.3.2a)
|
|
o many bugfixes, read ChangeLog or NEWS
|
|
o include 1.3.2a upstream patch
|
|
o removed old patches
|
|
* proftpd-1.3.1-umode_t.patch
|
|
* proftpd-1.3.1-O_CREAT.patch
|
|
* proftpd-1.3.1-libcap.patch
|
|
* proftpd-1.3.1-CVE-2009-0542.patch
|
|
* proftpd-1.3.1-CVE-2009-0543.patch
|
|
o reworked basic.conf.patch
|
|
- spec mods
|
|
o removed ^#-----
|
|
o removed {rel}
|
|
o clean
|
|
* rm -rf RPM_BUILD_ROOT
|
|
o added sub sqlite
|
|
- fixed deps
|
|
o BuildRequires: sqlite3-devel unixODBC-devel
|
|
- rpmlint
|
|
o description-shorter-than-summary
|
|
o source-or-patch-not-bzipped proftpd-1.3.2a.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 7 22:21:50 CEST 2009 - chris@computersalat.de
|
|
|
|
- added proftpd.passwd
|
|
o it is an initial passwd for virtuser and
|
|
anonymous login works well with it :)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 6 22:16:46 CEST 2009 - chris@computersalat.de
|
|
|
|
- added ftpasswd.patch
|
|
- rework of basic.conf patch
|
|
- removed README.AIX
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 16 01:54:23 CEST 2009 - chris@computersalat.de
|
|
|
|
- added basic.conf patch
|
|
- added dist.patch
|
|
o fix for xinetd, logrotate, pam
|
|
- some more subpackages
|
|
o ldap, mysql, pgsql, radius
|
|
- added ftpasswd for simple virtuser support
|
|
- added auth DIR /etc/proftpd/auth
|
|
o passwd for virtuser
|
|
- added conf.d DIR /etc/proftpd/conf.d
|
|
o configs for inclusion
|
|
- added log DIR /var/log/proftpd
|
|
- beautify init file
|
|
- beautify spec file
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 18 10:40:55 CET 2009 - mseben@suse.cz
|
|
|
|
- added proftpd.conf with uploads section
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 13 16:55:01 CET 2009 - mseben@suse.cz
|
|
|
|
- fixed sql injection vulnerability which allows remote attackers
|
|
to execute arbitrary SQL commands via a "%" character
|
|
CVE-2009-0542.patch (bnc#475316)
|
|
- fixed vulnerability which allows remote attackers to bypass SQL
|
|
injection protection mechanisms via invalid, encoded multibyte
|
|
characters CVE-2009-0543.patch (bnc#475316)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 26 14:19:45 CET 2009 - mseben@suse.cz
|
|
|
|
- splitted HTML doc to proftpd-doc
|
|
- added %post and %postun macro to spec
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 22 13:58:33 CET 2009 - mseben@suse.cz
|
|
|
|
- fixed missing third argument in open function (*-O_CREAT.patch)
|
|
- disabled striping libraries (*-no_strip.patch)
|
|
- fixed configure script (*-umode_t.patch)
|
|
- added -DLDAP_DEPRECATED to CFLAGS because of deprecated ldap_init
|
|
function
|
|
- disabled contrib scripts for now
|
|
- fixed handling _LINUX_CAPABILITY_VERSION on newer linux kernel.
|
|
(proftpd-*-libcap.patch)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 20 12:43:56 CEST 2008 - mrueckert@suse.de
|
|
|
|
- disabled debugging stuff for now
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 19 11:58:42 CEST 2007 - mrueckert@suse.de
|
|
|
|
- enabled missing modules (mod_ban,mod_wrap2*,mod_quota_radius)
|
|
and replaced the hardcoded value for --with-shared with a
|
|
dynamically generated list
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Oct 6 03:42:39 CEST 2007 - mrueckert@suse.de
|
|
|
|
- update to 1.3.1:
|
|
Many bugfixes and new features like dynamic blacklisting of
|
|
clients, improved SQL handling, and quotas.
|
|
- added --enable-devel=coredump,nodaemon,nofork
|
|
- added devel subpackage for the headers
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 29 04:11:44 CET 2006 - mrueckert@suse.de
|
|
|
|
- update to 1.3.0a:
|
|
fixes a remote code execution. CVE-2006-5815
|
|
(http://bugs.proftpd.org/show_bug.cgi?id=2858)
|
|
|