rpms/proftpd/devel .cvsignore, 1.17, 1.18 proftpd.spec, 1.61, 1.62 sources, 1.17, 1.18 proftpd-1.3.2b-segfault-on-auth-fail.patch, 1.1, NONE
Paul Howarth
pghmcfc at fedoraproject.org
Thu Dec 10 23:28:04 UTC 2009
- Previous message (by thread): rpms/proftpd/F-11 .cvsignore, 1.17, 1.18 proftpd.spec, 1.54, 1.55 sources, 1.17, 1.18 proftpd-1.3.2b-segfault-on-auth-fail.patch, 1.1, NONE
- Next message (by thread): rpms/proftpd/F-12 .cvsignore, 1.17, 1.18 proftpd.spec, 1.60, 1.61 sources, 1.17, 1.18 proftpd-1.3.2b-segfault-on-auth-fail.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: pghmcfc
Update of /cvs/pkgs/rpms/proftpd/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21998/devel
Modified Files:
.cvsignore proftpd.spec sources
Removed Files:
proftpd-1.3.2b-segfault-on-auth-fail.patch
Log Message:
* Thu Dec 10 2009 Paul Howarth <paul at city-fan.org> 1.3.2c-1
- Update to 1.3.2c, addressing the following issues:
- SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324)
- Failed database transaction can cause mod_quotatab to loop (bug 3228)
- Segfault in mod_wrap (bug 3332)
- <Directory> sections can have <Limit> problems (bug 3337)
- mod_wrap2 segfaults when a valid user retries the USER command (bug 3341)
- mod_auth_file handles 'getgroups' request incorrectly (bug 3347)
- Segfault caused by scrubbing zero-length portion of memory (bug 3350)
- Drop upstreamed segfault patch
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/proftpd/devel/.cvsignore,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -p -r1.17 -r1.18
--- .cvsignore 21 Oct 2009 11:18:26 -0000 1.17
+++ .cvsignore 10 Dec 2009 23:28:04 -0000 1.18
@@ -1,3 +1,3 @@
-proftpd-1.3.2b.tar.bz2
+proftpd-1.3.2c.tar.bz2
proftpd-mod-vroot-0.8.5.tar.gz
proftpd-mod-exec-0.9.6.tar.gz
Index: proftpd.spec
===================================================================
RCS file: /cvs/pkgs/rpms/proftpd/devel/proftpd.spec,v
retrieving revision 1.61
retrieving revision 1.62
diff -u -p -r1.61 -r1.62
--- proftpd.spec 10 Dec 2009 16:09:47 -0000 1.61
+++ proftpd.spec 10 Dec 2009 23:28:04 -0000 1.62
@@ -7,11 +7,11 @@
%endif
#global prever rc3
-%global rpmrel 3
+%global rpmrel 1
Summary: Flexible, stable and highly-configurable FTP server
Name: proftpd
-Version: 1.3.2b
+Version: 1.3.2c
Release: %{?prever:0.}%{rpmrel}%{?prever:.%{prever}}%{?dist}
License: GPLv2+
Group: System Environment/Daemons
@@ -31,7 +31,6 @@ Source11: http://www.castaglia.org/prof
Patch0: proftpd-1.3.2rc3-nostrip.patch
Patch2: proftpd-1.3.2-parallel-build.patch
Patch3: proftpd-1.3.2a-mlsd.patch
-Patch4: proftpd-1.3.2b-segfault-on-auth-fail.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
Requires(post): /sbin/chkconfig
Requires(preun): /sbin/service, /sbin/chkconfig, coreutils, findutils
@@ -100,9 +99,6 @@ Module to add PostgreSQL support to the
# (upstream patch)
%patch3 -p1 -b .mlsd
-# Fix segfault on auth failures (bug 3350)
-%patch4 -p1 -b .segfault-on-auth-failure
-
# Avoid documentation name conflicts
%{__mv} contrib/README contrib/README.contrib
@@ -295,6 +291,17 @@ fi
%changelog
+* Thu Dec 10 2009 Paul Howarth <paul at city-fan.org> 1.3.2c-1
+- Update to 1.3.2c, addressing the following issues:
+ - SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324)
+ - Failed database transaction can cause mod_quotatab to loop (bug 3228)
+ - Segfault in mod_wrap (bug 3332)
+ - <Directory> sections can have <Limit> problems (bug 3337)
+ - mod_wrap2 segfaults when a valid user retries the USER command (bug 3341)
+ - mod_auth_file handles 'getgroups' request incorrectly (bug 3347)
+ - Segfault caused by scrubbing zero-length portion of memory (bug 3350)
+- Drop upstreamed segfault patch
+
* Thu Dec 10 2009 Paul Howarth <paul at city-fan.org> 1.3.2b-3
- Add patch for upstream bug 3350 - segfault on auth failures
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/proftpd/devel/sources,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -p -r1.17 -r1.18
--- sources 21 Oct 2009 11:18:26 -0000 1.17
+++ sources 10 Dec 2009 23:28:04 -0000 1.18
@@ -1,3 +1,3 @@
-0d6777839f37115654ce384841f68131 proftpd-1.3.2b.tar.bz2
+559fd3fb6959d42ddd66b333a03b0c49 proftpd-1.3.2c.tar.bz2
139fc328c43a9afbe290ec787713096b proftpd-mod-vroot-0.8.5.tar.gz
dfcaf605f116c29d7b4771a9b02f509b proftpd-mod-exec-0.9.6.tar.gz
--- proftpd-1.3.2b-segfault-on-auth-fail.patch DELETED ---
- Previous message (by thread): rpms/proftpd/F-11 .cvsignore, 1.17, 1.18 proftpd.spec, 1.54, 1.55 sources, 1.17, 1.18 proftpd-1.3.2b-segfault-on-auth-fail.patch, 1.1, NONE
- Next message (by thread): rpms/proftpd/F-12 .cvsignore, 1.17, 1.18 proftpd.spec, 1.60, 1.61 sources, 1.17, 1.18 proftpd-1.3.2b-segfault-on-auth-fail.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list