Thanks chrstophe for the reply. As hardy is LTS and should be supported until April 2011, I thought security patches should be included in the recent packages. And I can't dist-upgrade this server as it's a vServer. My home server is running lucid, though (and therefore affected with this bug).
Today I saw that maverick (upcoming Ubuntu 10.10) has an updated proftpd-version in its repository: http://packages.ubuntu.com/maverick/proftpd-basic It's 1.3.2e-4 which was released 24/Feb/2010 by proftpd-project, but seems to be a stable version which does not have the bug we encounter (from the version number and changelog - I did not try it myself yet). I think 1.3.2e is more something for 10.04 and 10.10 should include 1.3.3a (which was released 01/Jul/2010 by the proftpd-project and seems to be a stable and reliable version as well). But I think they just synced with Debian unstable and got 1.3.2e from there, so we should be happy with that. I just had a look into the Debian repository: They now have 1.3.3a in unstable but it was marked experimental until 05 Jul 2010, so probably the sync for maverick ended before that date so 1.3.2e is what we'll get for maverick. As lucid is LTS I think 1.3.2-e will come to the lucid repository some day, but I think I'll update my lucid machine to maverick as soon as it seems reliable (December maybe). Probably the maverick-package installs in lucid as well, but I think this would be a messy solution as well. Can somebody please confirm (try by himself) if this bug is really fixed in maverick? -- proftpd 1.3.2c with SSL is useless in Ubuntu 10.04 https://bugs.launchpad.net/bugs/580512 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs