Thanks chrstophe for the reply. As hardy is LTS and should be supported until 
April 2011, I thought security patches should be included in the recent 
packages. And I can't dist-upgrade this server as it's a vServer.
My home server is running lucid, though (and therefore affected with this bug).

Today I saw that maverick (upcoming Ubuntu 10.10) has an updated 
proftpd-version in its repository:
http://packages.ubuntu.com/maverick/proftpd-basic
It's 1.3.2e-4 which was released 24/Feb/2010 by proftpd-project, but seems to 
be a stable version which does not have the bug we encounter (from the version 
number and changelog - I did not try it myself yet).
I think 1.3.2e is more something for 10.04 and 10.10 should include 1.3.3a 
(which was released 01/Jul/2010 by the proftpd-project and seems to be a stable 
and reliable version as well). But I think they just synced with Debian 
unstable and got 1.3.2e from there, so we should be happy with that. I just had 
a look into the Debian repository: They now have 1.3.3a in unstable but it was 
marked experimental until 05 Jul 2010, so probably the sync for maverick ended 
before that date so 1.3.2e is what we'll get for maverick.
As lucid is LTS I think 1.3.2-e will come to the lucid repository some day, but 
I think I'll update my lucid machine to maverick as soon as it seems reliable 
(December maybe).

Probably the maverick-package installs in lucid as well, but I think
this would be a messy solution as well.

Can somebody please confirm (try by himself) if this bug is really fixed
in maverick?

-- 
proftpd 1.3.2c with SSL is useless in Ubuntu 10.04
https://bugs.launchpad.net/bugs/580512
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to