proftpd-dfsg (1.3.1-17ubuntu1.1) jaunty-security; urgency=low * Security: added 3124.dpatch patch to manage another SQL injection due to % variable substitution in user/group names. This is fixed in 1.3.2. This is CVE-2009-0542. (LP: #508738)
* Security: added 3173fix.dpatch to use PQescapeStringConn() instead of the deprecated PQescapeString(), which does not honour the encoding. This is referred to the previous fix of #3173 aka CVE-2009-0543. * Security: added 3275.dpatch as taken from 1.3.2b branch to fix CVE-2009-3639. Date: Tue, 19 Jan 2010 19:14:30 +0100 Changed-By: Jan Hagemeyer <ja...@et.uni-paderborn.de> Maintainer: Ubuntu MOTU Developers <ubuntu-m...@lists.ubuntu.com> https://launchpad.net/ubuntu/jaunty/+source/proftpd-dfsg/1.3.1-17ubuntu1.1
Format: 1.8 Date: Tue, 19 Jan 2010 19:14:30 +0100 Source: proftpd-dfsg Binary: proftpd proftpd-basic proftpd-doc proftpd-mod-mysql proftpd-mod-pgsql proftpd-mod-ldap Architecture: source Version: 1.3.1-17ubuntu1.1 Distribution: jaunty-security Urgency: low Maintainer: Ubuntu MOTU Developers <ubuntu-m...@lists.ubuntu.com> Changed-By: Jan Hagemeyer <ja...@et.uni-paderborn.de> Description: proftpd - versatile, virtual-hosting FTP daemon proftpd-basic - versatile, virtual-hosting FTP daemon - binaries proftpd-doc - Versatile, virtual-hosting FTP daemon - documentation proftpd-mod-ldap - versatile, virtual-hosting FTP daemon - LDAP module proftpd-mod-mysql - versatile, virtual-hosting FTP daemon - MySQL module proftpd-mod-pgsql - versatile, virtual-hosting FTP daemon - PostgreSQL module Launchpad-Bugs-Fixed: 508738 Changes: proftpd-dfsg (1.3.1-17ubuntu1.1) jaunty-security; urgency=low . * Security: added 3124.dpatch patch to manage another SQL injection due to % variable substitution in user/group names. This is fixed in 1.3.2. This is CVE-2009-0542. (LP: #508738) . * Security: added 3173fix.dpatch to use PQescapeStringConn() instead of the deprecated PQescapeString(), which does not honour the encoding. This is referred to the previous fix of #3173 aka CVE-2009-0543. . * Security: added 3275.dpatch as taken from 1.3.2b branch to fix CVE-2009-3639. Checksums-Sha1: e6562f220ac8b74ce78d5bf1e11d80a49eb3e072 1435 proftpd-dfsg_1.3.1-17ubuntu1.1.dsc 7729f0cc71d57e9e94b85a338816d5e91ccaace8 103356 proftpd-dfsg_1.3.1-17ubuntu1.1.diff.gz Checksums-Sha256: ba91ab8636b388da3b4052f008537dd08dd8f8e4b9a2929b7605b8369b862852 1435 proftpd-dfsg_1.3.1-17ubuntu1.1.dsc 15059494b4f67da58e7f9929792e32ed80b6bfdd448158097cdf83807281a76a 103356 proftpd-dfsg_1.3.1-17ubuntu1.1.diff.gz Files: 5dc51fe4e85d2a19975baeb8a4fc8102 1435 net optional proftpd-dfsg_1.3.1-17ubuntu1.1.dsc 72403cf5d6a5a14b9b0d282a6fd6b2d8 103356 net optional proftpd-dfsg_1.3.1-17ubuntu1.1.diff.gz Original-Maintainer: Francesco Paolo Lovergine <fran...@debian.org>
-- Jaunty-changes mailing list Jaunty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/jaunty-changes