-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 28 Nov 2006 19:26:06 -0500
Source: proftpd
Binary: proftpd proftpd-mysql proftpd-pgsql proftpd-ldap proftpd-doc
Architecture: i386_translations all i386
Version: 1.3.0-9ubuntu0.1
Distribution: edgy-security
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon <buildd@terranova.buildd>
Changed-By: Daniel T Chen <crimsun@ubuntu.com>
Description: 
 proftpd    - Versatile, virtual-hosting FTP daemon
 proftpd-doc - Versatile, virtual-hosting FTP daemon (Documentation)
 proftpd-ldap - Versatile, virtual-hosting FTP daemon (dummy transitional package
 proftpd-mysql - Versatile, virtual-hosting FTP daemon (dummy transitional package
 proftpd-pgsql - Versatile, virtual-hosting FTP daemon (dummy transitional package
Changes: 
 proftpd (1.3.0-9ubuntu0.1) edgy-security; urgency=low
 .
   * SECURITY UPDATE: Fix off-by-one in src/support.c::sreplace() allowing
     arbitrary remote command execution due to string manipulation flaw.
   * debian/patches/CVE-2006-5815_support.c_sreplace-off-by-one.dpatch:
     Add (and also enable in debian/patches/00list).
   * References:
     - CVE-2006-5815
     - http://bugs.proftpd.org/show_bug.cgi?id=2858
Files: 
 34f6384136cdf1b32f913640ceb3e367 609056 net optional proftpd_1.3.0-9ubuntu0.1_i386.deb
 07174f7cad460c1c3e1530845e74f3cd 487528 doc optional proftpd-doc_1.3.0-9ubuntu0.1_all.deb
 7c20c3d0797a6407de1a5ae260a1568c 161582 net optional proftpd-mysql_1.3.0-9ubuntu0.1_all.deb
 3340c896803a27194c3f7b6f59396f97 161580 net optional proftpd-pgsql_1.3.0-9ubuntu0.1_all.deb
 63a39a0683f83e399d4fce310e53874a 161582 net optional proftpd-ldap_1.3.0-9ubuntu0.1_all.deb
 0289fb1be3b21b77824447ebbd090b09 12070 raw-translations - proftpd_1.3.0-9ubuntu0.1_i386_translations.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFbOo50N0xjzyQZEIRAjipAJ4qvD+32IIpQntiUMPC+++Rl4nVLwCeKNdt
e4gpvQgwysS6r3RjtYo0Wss=
=B7eu
-----END PGP SIGNATURE-----