-----BEGIN PGP SIGNED MESSAGE----- On Sun, 5 Sep 1999, Seth R Arnold wrote:
> Paul, stay away from wu_ftpd. It might be a wonderful piece of software, it > might do many things -- but it seems half the unix traffic on bugtraq is due > to buffer overflows in wu_ftpd. A security hole was found in proftpd > recently, but the patch (on bugtraq) is a one-line fix -- so I imagine the > debian maintainer will have a patch out soon, if not already -- if you don't > want to deal with compiling your own server. - From the changelog </usr/share/doc/proftpd/changelog.Debian.gz> proftpd (1.2.0pre4-1) unstable; urgency=high * New upstream version, fixing remote root exploit. i _think_ this means the patch has already been applied and uploaded. - -- finger for PGP public key. -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBN9Mdhr7M/9WKZLW5AQFzuwP/Zmkj5Oi8s9+0R+PQkR5wgeEoY4aGxOHV jiawNuiNpp3Xmt7uKNK6Ix7qJiWjTEvuxBQYRSRMfrd6I2K2lhYrEgHYxsvOmdvL zl6OVbUrOSmYKLSU6ima5HljcWq/4u7X1hUE6DRrzwvLv42UDwoWOP4Nd8Q1Quj4 vlfRGw9qec8= =UKaS -----END PGP SIGNATURE-----