-
proftpd-dfsg (1.3.1-17ubuntu1.1) jaunty-security; urgency=low
* Security: added 3124.dpatch patch to manage another SQL injection due to %
variable substitution in user/group names. This is fixed in 1.3.2. This is
CVE-2009-0542. (LP: #508738)
* Security: added 3173fix.dpatch to use PQescapeStringConn() instead of the
deprecated PQescapeString(), which does not honour the encoding.
This is referred to the previous fix of #3173 aka CVE-2009-0543.
* Security: added 3275.dpatch as taken from 1.3.2b branch to fix
CVE-2009-3639.
-- Jan Hagemeyer <email address hidden> Tue, 19 Jan 2010 19:14:30 +0100
-
proftpd-dfsg (1.3.1-17ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes (LP: #329167):
- mod_rewrite.c.dpatch: Added S_IRUSR|S_IWUSR to build with the new
Compiler Flags
proftpd-dfsg (1.3.1-17) unstable; urgency=high
* Security: added 3173.dpatch patch to manage a critical encoding-dependent SQL
injection with SQL-based authentication.
See http://bugs.proftpd.org/show_bug.cgi?id=3173. This is fixed in 1.3.2.
Thanks TJ for backported patch.
* Now debian/rules removes at cleaning time a couple of .la files
under contrib/ still around after building. This fixes a recently discovered
FTBS error due to those files.
-- Nick Ellery <email address hidden> Fri, 13 Feb 2009 10:55:20 -0800
-
proftpd-dfsg (1.3.1-16ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes:
- mod_rewrite.c.dpatch: Added S_IRUSR|S_IWUSR to build with the new
Compiler Flags
proftpd-dfsg (1.3.1-16) unstable; urgency=low
* Enabled nls support to allow alternative encodings to work.
(closes: #503274)
-- Nicolas Valcarcel <email address hidden> Thu, 18 Dec 2008 02:07:47 -0500
-
proftpd-dfsg (1.3.1-15ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes:
- mod_rewrite.c.dpatch: Added S_IRUSR|S_IWUSR to build with the new
Compiler Flags
-- Nicolas Valcarcel <email address hidden> Wed, 05 Nov 2008 09:15:26 -0500
-
proftpd-dfsg (1.3.1-12ubuntu1) intrepid; urgency=low
* Merge from debian unstable, remaining changes:
- mod_rewrite.c.dpatch: Added S_IRUSR|S_IWUSR to build with the new
Compiler Flags
proftpd-dfsg (1.3.1-12) unstable; urgency=low
* Binary packages are now splitted:
- proftpd-mod-mysql
- proftpd-mod-pgsql
- proftpd-mod-ldap
- proftpd-basic
- proftpd (pseudo)
to reduce dependencies for basic proftpd installations without exotic
auth layers. The proftpd binary is now a pseudo-package used for
migrating from etch to the new structure.
(closes: #364331)
* Removed perl dependency in proftpd-basic.
* Updated debconf templates
- Japanese. Closes: #463172
- Brazilian Portuguese. Closes: #486259
- Turkish. Closes: #486560
- Swedish. Closes: #487371
* Updated README.Debian file.
-- Nicolas Valcarcel <email address hidden> Sat, 16 Aug 2008 00:47:30 -0500
