Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

proftpd-ldap-1.3.8b-lp160.1.1 RPM for aarch64

From OpenSuSE Leap 16.0 for aarch64

Name: proftpd-ldap Distribution: openSUSE Leap 16.0
Version: 1.3.8b Vendor: openSUSE
Release: lp160.1.1 Build date: Thu Feb 29 15:45:47 2024
Group: Productivity/Networking/Ftp/Servers Build host: reproducible
Size: 68936 Source RPM: proftpd-1.3.8b-lp160.1.1.src.rpm
Packager: https://bugs.opensuse.org
Url: http://www.proftpd.org/
Summary: LDAP Module for ProFTPD
This is the LDAP Module for ProFTPD

Provides

Requires

License

GPL-2.0-or-later

Changelog

* Thu Feb 29 2024 Dominique Leuenberger <[email protected]>
  - Use %autosetup macro. Allows to eliminate the usage of deprecated
    %patchN.
* Wed Jan 03 2024 [email protected]
  - Update changes file
    * add missing boo#1218144 (CVE-2023-48795) info
    * add missing CVE-2023-51713 info
* Wed Dec 27 2023 [email protected]
  - 1.3.8b - Released 19-Dec-2023
      fix for boo#1218144 (CVE-2023-48795)
    * http://proftpd.org/docs/NEWS-1.3.8b
    * Implemented mitigations for "Terrapin" SSH attack (CVE-2023-48795).
  - rebase patch
    * proftpd-no_BuildDate.patch
* Thu Nov 02 2023 [email protected]
  - 1.3.8a - Released 08-Oct-2023
      fix for boo#1218344 (CVE-2023-51713):
      gh#1683 - Out-of-bounds buffer read when handling FTP commands.
      https://github.com/proftpd/proftpd/issues/1683
    * http://proftpd.org/docs/NEWS-1.3.8a
    * Fixed builds when using OpenSSL 3.x
* Wed Jan 25 2023 [email protected]
  - 1.3.7f - Released 04-Dec-2022
    * Issue 1533 - mod_tls module unexpectedly allows TLS handshake after
      authentication in some configurations.
    * Bug 4491 - unable to verify signed data: signature type 'rsa-sha2-512' does
      not match publickey algorithm 'ssh-rsa'.
* Mon Jan 16 2023 Stefan Schubert <[email protected]>
  - Migration of PAM settings to /usr/lib/pam.d.
* Thu Sep 01 2022 [email protected]
  - Update proftpd-basic.conf.patch
    * remove obsolete config option, LoginPasswordPrompt
  - rework proftpd-dist.patch
* Tue Aug 09 2022 [email protected]
  - 1.3.7e - Released 23-Jul-2022
    * Issue 1448 - Ensure that mod_sftp algorithms work properly with OpenSSL 3.x.
  - 1.3.7d - Released 23-Apr-2022
    * Issue 1321 - Crash with long lines in AuthGroupFile due to large realloc(3).
    * Issue 1325 - NLST does not behave consistently for relative paths.
    * Issue 1346 - Implement AllowForeignAddress class matching for passive data
      transfers.
    * Bug 4467 - DeleteAbortedStores removes successfully transferred files
      unexpectedly.
    * Issue 1401 - Keepalive socket options should be set using IPPROTO_TCP, not
      SOL_SOCKET.
    * Issue 1402 - TCP keepalive SocketOptions should apply to control as well as
      data connection.
    * Issue 1396 - ProFTPD always uses the same PassivePorts port for first
    transfer.
    * Issue 1369 - Name-based virtual hosts not working as expected after upgrade
      from 1.3.7a to 1.3.7b.
  - rebase proftpd-no_BuildDate.patch
* Sun Mar 27 2022 [email protected]
  - fix deps for SLES
* Sat Mar 26 2022 [email protected]
  - remove configure --disable-static
* Tue Mar 01 2022 [email protected]
  - Update to version 1.3.7c:
    * http://proftpd.org/docs/NEWS-1.3.7c
    * http://proftpd.org/docs/RELEASE_NOTES-1.3.7c
  - Update patches
    * harden_proftpd.service.patch
    * proftpd-ftpasswd.patch
    * proftpd-no_BuildDate.patch
    * proftpd.spec
    * proftpd_env-script-interpreter.patch
* Wed Oct 20 2021 Johannes Segitz <[email protected]>
  - Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
    * harden_proftpd.service.patch
    Modified:
    * proftpd.service
* Thu Nov 19 2020 Dominique Leuenberger <[email protected]>
  - Update to version 1.3.6e:
    + Invalid SCP command leads to null pointer dereference.
  - Do not limit to openSSL < 1.1: proftpd has had support for
    openSSL 1.1 sice version 1.3.6a.
  - Rebase proftpd-no_BuildDate.patch.
* Fri Jun 05 2020 [email protected]
  - update to 1.3.6d
    * Issue 857 - Fixed regression in the handling of `%{env:...}` configuration
      variables when the environment variable is not present.
    * Issue 940 - Second LIST of the same symlink shows different results.
    * Issue 959 - FTPS uploads using TLSv1.3 are likely to fail unexpectedly.
    * Issue 980 - mod_sftp sends broken response when CREATETIME attribute is
      requested.
    * Bug 4398 - Handle zero-length SFTP WRITE requests without error.
    * Issue 1018 - PidFile should not be world-writable.
    * Issue 1014 - TLSv1.3 handshake fails due to missing session ticket key on
      some systems.
    * Issue 1023 - Lowercased FTP commands not properly identified.
  - rebase proftpd-no_BuildDate.patch
* Mon Feb 24 2020 [email protected]
  - fix for boo#1164572 (CVE-2020-9272, gh#902)
  - fix for boo#1164574 (CVE-2020-9273, gh#903)
  - update to 1.3.6c
    * Fixed regression in directory listing latency (Issue #863).
    * Detect OpenSSH-specific formatted SFTPHostKeys, and log hint for
      converting them to supported format.
    * Fixed use-after-free vulnerability during data transfers (Issue #903).
    * Fixed out-of-bounds read in mod_cap by updating the bundled libcap
      (Issue #902).
  - remove obsolete proftpd-tls-crls-issue859.patch
  - rebase patches
    * proftpd-ftpasswd.patch
    * proftpd-no_BuildDate.patch
    * proftpd_env-script-interpreter.patch
* Sat Feb 01 2020 [email protected]
  - cleanup tls.template
    * remove deprecated NoCertRequest from TLSOptions
* Sat Dec 28 2019 [email protected]
  - fix changes file
    * add missing info about boo#1155834
    * add missing info about boo#1154600
  - fix for boo#1156210
    * GeoIP has been discontinued by Maxmind
    * remove module build for geoip
      see https://support.maxmind.com/geolite-legacy-discontinuation-notice/
  - fix for boo#1157803 (CVE-2019-19269), boo#1157798 (CVE-2019-19270)
    * add upstream patch proftpd-tls-crls-issue859.patch
* Sun Nov 03 2019 [email protected]
  - fix for boo#1154600 (CVE-2019-18217, gh#846)
  - update to 1.3.6b
    * Fixed pre-authentication remote denial-of-service issue (Issue #846).
    * Backported fix for building mod_sql_mysql using MySQL 8 (Issue #824).
  - update to 1.3.6a
    * Fixed symlink navigation (Bug#4332).
    * Fixed building of mod_sftp using OpenSSL 1.1.x releases (Issue#674).
    * Fixed SITE COPY honoring of <Limit> restrictions (Bug#4372).
    * Fixed segfault on login when using mod_sftp + mod_sftp_pam (Issue#656).
    * Fixed restarts when using mod_facl as a static module
  - remove obsolete proftpd-CVE-2019-12815.patch
    * included in 1.3.6a (Bug#4372)
  - add proftpd_env-script-interpreter.patch
    * RPMLINT fix for env-script-interpreter (Badness: 9)
* Sat Nov 02 2019 Martin Hauke <[email protected]>
  - fix for boo#1155834
    * Add missing Requires(pre): group(ftp) for Leap 15 and Tumbleweed
    * Add missing Requires(pre): user(ftp) for Leap 15 and Tumbleweed
* Wed Oct 02 2019 Bernhard Wiedemann <[email protected]>
  - Update proftpd-dist.patch to use pam_keyinit.so (boo#1144056)
* Fri Aug 02 2019 [email protected]
  - fix for boo#1142281 (CVE-2019-12815, bpo#4372)
    arbitrary file copy in mod_copy allows for remote code execution
    and information disclosure without authentication
  - add patch
    * proftpd-CVE-2019-12815.patch
      taken from:
    - http://bugs.proftpd.org/show_bug.cgi?id=4372
    - https://github.com/proftpd/proftpd/commit/a73dbfe3b61459e7c2806d5162b12f0957990cb3
* Mon Jul 01 2019 [email protected]
  - update changes file
    * add missing info about bugzilla 1113041
* Tue Mar 26 2019 Jan Engelhardt <[email protected]>
  - Fix the Factory build: select the appropriate OpenSSL version
    to build with. (fix for boo#1113041)
* Wed Mar 20 2019 Jan Engelhardt <[email protected]>
  - Reduce hard dependency on systemd to only that which is
    necessary for building and installation.
  - Modernize RPM macro use (%make_install, %tmpfiles_create).
  - Strip emphasis from description and trim other platform mentions.
* Wed Jul 11 2018 [email protected]
  - update to 1.3.6
    * Support for using Redis for caching, logging; see the doc/howto/Redis.html
      documentation.
    * Fixed mod_sql_postgres SSL support (Issue #415).
    * Support building against LibreSSL instead of OpenSSL (Issue #361).
    * Better support on AIX for login restraictions (Bug #4285).
    * TimeoutLogin (and other timeouts) were not working properly for SFTP
      connections (Bug#4299).
    * Handling of the SIGILL and SIGINT signals, by the daemon process, now causes
      the child processes to be terminated as well (Issue #461).
    * RPM .spec file naming changed to conform to Fedora guidelines.
    * Fix for "AllowChrootSymlinks off" checking each component for symlinks
      (CVE-2017-7418).
    - New Modules:
    * mod_redis, mod_tls_redis, mod_wrap2_redis
      With Redis now supported as a caching mechanism, similar to Memcache,
      there are now Redis-using modules: mod_redis (for configuring the Redis
      connection information), mod_tls_redis (for caching SSL sessions and
      OCSP information using Redis), and mod_wrap2_redis (for using ACLs stored
      in Redis).
    - Changed Modules:
    * mod_ban
      The mod_ban module's BanCache directive can now use Redis-based caching;
      see doc/contrib/mod_ban.html#BanCache.
    - New Configuration Directives
    * SQLPasswordArgon2, SQLPasswordScrypt
      The key lengths for Argon2 and Scrypt-based passwords are now configurable
      via these new directives; previously, the key length had been hardcoded
      to be 32 bytes, which is not interoperable with all other implementations
      (Issue #454).
    - Changed Configuration Directives
    * AllowChrootSymlinks
      When "AllowChrootSymlinks off" was used, only the last portion of the
      DefaultRoot path would be checked to see if it was a symlink.  Now,
      each component of the DefaultRoot path will be checked to see if it is
      a symlink when "AllowChrootSymlinks off" is used.
    * Include
      The Include directive can now be used within a <Limit> section, e.g.:
      <Limit LOGIN>
      Include /path/to/allowed.txt
      DenyAll
      </Limit>
    - API Changes
    * A new JSON API has been added, for use by third-party modules.
  - remove obsolete proftpd_include-in-limit-section.patch
  - rebase patches
    * proftpd-ftpasswd.patch
    * proftpd-no_BuildDate.patch
* Tue Jul 10 2018 [email protected]
  - update to 1.3.5e
    * Fixed SFTP issue with [email protected] digest/MAC.
    * Fixed regression with mod_sftp rekeying.
    * Backported fix for "AllowChrootSymlinks off" checking each component
      for symlinks (CVE-2017-7418).
  - remove obsolete patch
    * proftpd-AllowChrootSymlinks.patch (now included)
  - rebase patches
    * proftpd-dist.patch
    * proftpd-no_BuildDate.patch
    * proftpd_include-in-limit-section.patch
* Fri Jul 21 2017 [email protected]
  - Sort SHARED_MODS list to fix build compare (boo#1041090)
* Fri Jun 16 2017 [email protected]
  - Removed xinetd service
* Fri Apr 07 2017 [email protected]
  - fix for boo#1032443 (CVE-2017-7418)
    * AllowChrootSymlinks not enforced by replacing a path component
      with a symbolic link
    * add upstream commit (ecff21e0d0e84f35c299ef91d7fda088e516d4ed)
      as proftpd-AllowChrootSymlinks.patch
  - fix proftpd-tls.template
    * reduce TLS protocols to TLSv1.1 and TLSv1.2
    * disable TLSCACertificateFile
    * add TLSCertificateChainFile
* Thu Mar 23 2017 [email protected]
  - Remove --with-pic, there are no static libs.
  - Replace %__-type macro indirections.
  - Replace old $RPM shell vars by macros.
* Mon Mar 06 2017 [email protected]
  - fix and update proftpd-basic.conf.patch
  - add some sample config and templates for tls
    * proftpd-tls.template
    * proftpd-limit.conf
    * proftpd-ssl.README
* Sun Feb 05 2017 [email protected]
  - backport upstream feature
    * include-in-limit-section (gh#410)
    * add proftpd_include-in-limit-section.patch
* Tue Jan 17 2017 [email protected]
  - update to 1.3.5d
    * gh#4283 - All FTP logins treated as anonymous logins again.  This is a
    regression of gh#3307.
* Sun Jan 15 2017 [email protected]
  - update to 1.3.5c
    * SSH rekey during authentication can cause issues with clients.
    * Recursive SCP uploads of multiple directories not handled properly.
    * LIST returns different results for file, depending on path syntax.
    * "AuthAliasOnly on" in server config breaks anonymous logins.
    * CapabilitiesEngine directive not honored for <IfUser>/<IfGroup>
      sections.
    * Support OpenSSL 1.1.x API.
    * Memory leak when mod_facl is used.
  -rebase proftpd-no_BuildDate.patch
* Sat Aug 27 2016 [email protected]
  - fix systemd vs SysVinit
* Sun May 08 2016 [email protected]
  - Remove redundant spec sections
  - Ensure systemd-tmpfiles is called for the provied config file
* Sun May 08 2016 [email protected]
  - fix for boo#970890 (CVE-2016-3125)
  - update to 1.3.5b:
    http://www.proftpd.org/docs/RELEASE_NOTES-1.3.5b
    * SSH RSA hostkeys smaller than 2048 bits now work properly.
    * MLSD response lines are now properly CRLF terminated.
    * Fixed selection of DH groups from TLSDHParamFile.
  - rebase proftpd-no_BuildDate.patch
* Sun May 31 2015 [email protected]
  - fix for boo#927290 (CVE-2015-3306)
  - update to 1.3.5a:
    See http://www.proftpd.org/docs/NEWS-1.3.5a
  - rebase patches
    * proftpd-ftpasswd.patch
    * proftpd-no_BuildDate.patch
  - remove gpg-offline dependency
  - fix permissions on passwd file
    * unable to use world-readable AuthUserFile '.../passwd' (perms 0644):
    * 0644 -> 0440
* Mon Sep 01 2014 [email protected]
  - ProFTPD 1.3.5
    * Added support for SHA-256, SHA-512 password hashes to the ftpasswd tool
    * New Modules
      mod_geoip, mod_log_forensic, mod_rlimit, mod_snmp, mod_dnsbl
    * mod_sftp now supports ECC, ECDSA, ECDH
    * Improved FIPS support in mod_sftp.
    * mod_sftp module now honors the MaxStoreFileSize directive.
    * Many new and changed configuration directives
  - update proftpd-no_BuildDate.patch
* Mon Sep 01 2014 [email protected]
  - proftpd 1.3.4e:
    Multiple other backported fix from the 1.3.5 branch.
    See http://www.proftpd.org/docs/NEWS-1.3.4e
  - The fix for the mod_sftp/mod_sftp_pam memory allocation
    (CVE-2013-4359) contained in this release was previously patched
    into the package.
  - adjust proftpd-no_BuildDate.patch for context changes
  - remove proftpd-sftp-kbdint-max-responses-bug3973.patch, upstream
* Tue Mar 25 2014 [email protected]
  - Remove tcpd-devel from buildRequires and mod_wrap.
    support for tcp_wrappers style /etc/hosts.* is provided
    by mod_wrap2_file instead, the latter does not require tcpd.
* Mon Mar 17 2014 [email protected]
  - fix for bnc#844183
    * proftpd fails to start due to missing /run/proftpd
  - add own tmpfiles.d file
    * proftpd.tmpfile
* Thu Oct 03 2013 [email protected]
  - update to 1.3.4d
    * Fixed broken build when using --disable-ipv6 configure option
    * Fixed mod_sql "SQLAuthType Backend" MySQL issues
  - fix for bnc#843444 (CVE-2013-4359)
    * http://bugs.proftpd.org/show_bug.cgi?id=3973
    * add proftpd-sftp-kbdint-max-responses-bug3973.patch
* Mon Jul 29 2013 [email protected]
  - Improve systemd service file
  - use upstream tmpfiles.d file. related to [bnc#811793]
  - Use /run instead of /var/run
* Wed May 01 2013 [email protected]
  - update to 1.3.4c
    * Added Spanish translation.
    * Fixed several mod_sftp issues, including SFTPPassPhraseProvider,
      handling of symlinks for REALPATH requests, and response code logging.
    * Fixed symlink race for creating directories when UserOwner is in effect.
    * Increased performance of FTP directory listings.
  - rebase and rename patches (remove version string)
    * proftpd-1.3.4a-dist.patch -> proftpd-dist.patch
    * proftpd-1.3.4a-ftpasswd.patch -> proftpd-ftpasswd.patch
    * proftpd-1.3.4a-strip.patch -> proftpd-strip.patch
* Fri Feb 08 2013 [email protected]
  - fix proftpd.conf (rebase basic.conf patch)
    * IdentLookups is now a seperate module
      <IfModule mod_ident.c> IdentLookups on/off </IfModule>
      is needed and module is not built cause crrodriguez disabled it.
* Thu Nov 29 2012 [email protected]
  - Verify GPG signature.
* Fri Nov 02 2012 [email protected]
  - fix for bnc#787884
    (https://bugzilla.novell.com/show_bug.cgi?id=787884)
    * added extra Source proftpd.conf.tmpfile
* Thu Aug 30 2012 [email protected]
  - Disable ident lookups, this protocol is totally obsolete
    and dangerous. (add --disable-ident)
  - Fix debug info generation ( add --disable-strip)
* Wed Aug 29 2012 [email protected]
  - Add systemd unit
* Tue Aug 14 2012 [email protected]
  - update to 1.3.4b
    + Fixed mod_ldap segfault on login when LDAPUsers with no filters used.
    + Fixed sporadic SFTP upload issues for large files.
    + Fixed SSH2 handling for some clients (e.g. OpenVMS).
    + New FactsOptions directive; see doc/modules/mod_facts.html#FactsOptions
    + Fixed build errors on Tru64, AIX, Cygwin.
  - add Source Signatuire (.asc) file
  - add noBuildDate patch
  - add lang pkg
    * --enable-nls
  - add configure option
    * --enable-openssl, --with-lastlog
* Mon Dec 12 2011 [email protected]
  - update to 1.3.4a
    + Fixed mod_load/mod_wrap2 build issues.
  - 1.3.4
    + New "NoEmptyFragments" TLSOption added; see the TLSOptions documentation
      for details.
    + Improved configure script for cross-compiling.
    + Reworked the proftpd.spec RPM file
    + Fixed mod_sql_mysql "Alarm clock" bug on FreeBSD.
    + New "IgnoreSFTPSetTimes" SFTPOption added; see the SFTPOptions
      documentation for details.
    + Fixed response pool use-after-free issue.
  - for more info please see the RELEASE_NOTES file
  - reworked patches
    * now p0 patches
* Fri Nov 18 2011 [email protected]
  - fix for bnc#731347
    * no (hostname -s) in post section
    * reworked basic conf patch
* Fri Nov 11 2011 [email protected]
  - fix changelog
    * RELEASE_NOTES-1.3.3g is lacking of important info
  - fix for CVE-2011-4130 (bnc#729830)
    * https://bugzilla.novell.com/show_bug.cgi?id=729830
      (upstream) http://bugs.proftpd.org/show_bug.cgi?id=3711
    => fixed with version 1.3.3g
* Thu Nov 10 2011 [email protected]
  - update to 1.3.3g
    (http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3g)
    + New "NoEmptyFragments" TLSOption added; see the TLSOptions documentation
      for details.
    + Fixed mod_sql_mysql "Alarm clock" bug on FreeBSD.
    (http://www.proftpd.org/docs/NEWS-1.3.3g)
    - Bug 3702 - ProFTPD with mod_sql_mysql dies of "Alarm clock" on FreeBSD.
    - Bug 3704 - Enable OpenSSL countermeasure against SSLv3/TLSv1 BEAST attacks.
      To disable this countermeasure, which may cause interoperability issues
      with some clients, use the NoEmptyFragments TLSOption.
    - Bug 3711 - Response pool use-after-free memory corruption error.
* Tue Oct 04 2011 [email protected]
  - update to 1.3.3f
    + Fixes segfault if mod_sql_mysql and "SQLAuthenticate groupsetfast"
      configuration used.
    + Fixes mod_wrap syslog level (regression from Bug#3317).
    + Fixes mod_ifsession segfault if regular expression patterns used in
      a <VirtualHost> section.
* Fri Apr 29 2011 [email protected]
  - push to Factory
    o fix changelog (not in sequence)
    o fix license (GPL -> GPLv2+)
    o remove Author from description
    o remove obsolete extra source proftpd.conf
* Fri Apr 08 2011 [email protected]
  - update to 1.3.3e
    + Display messages work properly again.
    + Fixes plaintext command injection vulnerability in FTPS implementation
      (i.e. mod_tls).  See http://bugs.proftpd.org/show_bug.cgi?id=3624 for
      details.
    + Fixes CVE-2011-1137 (badly formed SSH messages cause DoS).  See
      http://bugs.proftpd.org/show_bug.cgi?id=3586 for details.
    + Performance improvements, especially during server startup/restarts.
* Sun Jan 30 2011 [email protected]
  - update to 1.3.3d
    + Fixed sql_prepare_where() buffer overflow (Bug#3536)
    + Fixed CPU spike when handling .ftpaccess files.
    + Fixed handling of SFTP uploads when compression is used.
* Fri Oct 22 2010 [email protected]
  - update to 1.3.3c
    + Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
    + Fixed directory traversal bug in mod_site_misc
    + Fixed SQLite authentications using "SQLAuthType Backend"
* Fri Oct 22 2010 [email protected]
  - clenaup spec
  - fix doc pkg
    o should not provide pkgconfig
* Fri Oct 15 2010 [email protected]
  - update to 1.3.3b
    + Fixed SFTP directory listing bug
    + Avoid corrupting utmpx databases on FreeBSD
    + Avoid null pointer dereferences during data transfers
    + Fixed "AuthAliasOnly on" anonymous logins
  - rpmlint: no-pkg-config-provides
    o add BuildReq pkg-config
  - removed changes from spec
* Wed Jul 07 2010 [email protected]
  - update to 1.3.3a
    + Added Japanese translation
    + Many mod_sftp bugfixes
    + Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later
    + Fixed handling of utmp/utmpx format changes on FreeBSD
  - rpmlint: self-obsoletion
* Wed May 05 2010 [email protected]
  - fix build : dir-or-file-in-var-run badness : /var/run/proftpd dir
    is marked as ghost and it is created in init script now
* Fri Apr 09 2010 [email protected]
  - added ncurses-devel to buildrequires to fix ftptop message : "no
    curses or ncurses library on this system"
* Fri Feb 26 2010 [email protected]
  - added info for "STABLE" versions only
* Thu Feb 25 2010 [email protected]
  - update to 1.3.3
      o Fixed mod_ban whitelisting using mod_ifsession.
      o Fixed per-user/group/class "HideFiles none" configurations.
    - 1.3.3rc4
      o Fixed mod_tls compilation using OpenSSL installations older
      than 0.9.7.
      o Fixed mod_sftp compilation on AIX.
      o Fixed RADIUS authentication on 64-bit platforms
      o Fixed memory leak in SCP downloads.
      o New configuration directives
      SQLPasswordUserSalt
      The SQLPasswordUserSalt directive can be used to configure
      per-user salt data to be added to the encrypted password
      for a user.  The salt can be the user name, or it can be
      the result of a SQL query. More information can be found in
      doc/contrib/mod_sql_passwd.html#SQLPasswordUserSalt.
* Wed Feb 10 2010 [email protected]
  - update to 1.3.3rc3
  - try to be compatible with osc :-)
* Sun Dec 20 2009 [email protected]
  - update to 1.3.2c
    o Bug and regression fixes.
  - removed obsolete CVE patch
* Mon Oct 26 2009 [email protected]
  - fixed CVE-2009-3639 : mod_tls security issue (bnc#549740)
* Wed Sep 16 2009 [email protected]
  - Update tarball to its upstream version without
    bzipped patch;
  - Removed blank spaces at enf of lines on spec file;
  - Replaced tab characters on spec file.
* Wed Sep 16 2009 [email protected]
  - update to 1.3.2 (1.3.2a)
    o many bugfixes, read ChangeLog or NEWS
    o include 1.3.2a upstream patch
    o removed old patches
    * proftpd-1.3.1-umode_t.patch
    * proftpd-1.3.1-O_CREAT.patch
    * proftpd-1.3.1-libcap.patch
    * proftpd-1.3.1-CVE-2009-0542.patch
    * proftpd-1.3.1-CVE-2009-0543.patch
    o reworked basic.conf.patch
  - spec mods
    o removed ^#-----
    o removed {rel}
    o clean
    * rm -rf RPM_BUILD_ROOT
    o added sub sqlite
  - fixed deps
    o BuildRequires:  sqlite3-devel unixODBC-devel
  - rpmlint
    o description-shorter-than-summary
    o source-or-patch-not-bzipped proftpd-1.3.2a.patch
* Tue Jul 07 2009 [email protected]
  - added proftpd.passwd
    o it is an initial passwd for virtuser and
      anonymous login works well with it :)
* Mon Jul 06 2009 [email protected]
  - added ftpasswd.patch
  - rework of basic.conf patch
  - removed README.AIX
* Wed Apr 15 2009 [email protected]
  - added basic.conf patch
  - added dist.patch
    o fix for xinetd, logrotate, pam
  - some more subpackages
    o ldap, mysql, pgsql, radius
  - added ftpasswd for simple virtuser support
  - added auth DIR /etc/proftpd/auth
    o passwd for virtuser
  - added conf.d DIR /etc/proftpd/conf.d
    o configs for inclusion
  - added log DIR /var/log/proftpd
  - beautify init file
  - beautify spec file
* Wed Feb 18 2009 [email protected]
  - added proftpd.conf with uploads section
* Fri Feb 13 2009 [email protected]
  - fixed sql injection vulnerability which allows remote attackers
    to execute arbitrary SQL commands via a "%" character
    CVE-2009-0542.patch (bnc#475316)
  - fixed vulnerability which allows remote attackers to bypass SQL
    injection protection  mechanisms via invalid, encoded multibyte
    characters CVE-2009-0543.patch (bnc#475316)
* Mon Jan 26 2009 [email protected]
  - splitted HTML doc to proftpd-doc
  - added %post and %postun macro to spec
* Thu Jan 22 2009 [email protected]
  - fixed missing third argument in open function (*-O_CREAT.patch)
  - disabled striping libraries (*-no_strip.patch)
  - fixed configure script (*-umode_t.patch)
  - added -DLDAP_DEPRECATED to CFLAGS because of deprecated ldap_init
    function
  - disabled contrib scripts for now
  - fixed handling _LINUX_CAPABILITY_VERSION on newer linux kernel.
    (proftpd-*-libcap.patch)
* Wed Aug 20 2008 [email protected]
  - disabled debugging stuff for now
* Fri Oct 19 2007 [email protected]
  - enabled missing modules (mod_ban,mod_wrap2*,mod_quota_radius)
    and replaced the hardcoded value for --with-shared with a
    dynamically generated list
* Sat Oct 06 2007 [email protected]
  - update to 1.3.1:
    Many bugfixes and new features like dynamic blacklisting of
    clients, improved SQL handling, and quotas.
  - added --enable-devel=coredump,nodaemon,nofork
  - added devel subpackage for the headers
* Wed Nov 29 2006 [email protected]
  - update to 1.3.0a:
    fixes a remote code execution.  CVE-2006-5815
    (http://bugs.proftpd.org/show_bug.cgi?id=2858)

Files

/usr/lib64/proftpd/mod_ldap.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Dec 2 23:33:16 2024