proftpd: the final issue

To: debian-release@lists.debian.org
Subject: proftpd: the final issue
From: Francesco Paolo Lovergine <frankie@debian.org>
Date: Wed, 1 Jun 2005 11:00:44 +0200
Message-id: <[🔎] 20050601090044.GA6295@mithrandir>

TJ aka castaglia, finally fixed the bug in 

http://bugs.proftpd.org/show_bug.cgi?id=2622
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308313

Currently (1.2.10-13) the only workaround for that is disabling 
the mod_delay module. This of course potentially impacts prevention of
the timing attack that module solves. 

http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02

I'm inclined to consider
that bug a RC (security) one, so if you RMs would allow the incoming 
fixed -14 release entering sarge before release, that would be 
great and allow me (poor maintainer) to sleep as a child in the 
next years...

-- 
Francesco P. Lovergine

Reply to:

Prev by Date: Re: Accepted vmelilo-installer 1.8.1 (m68k source)
Next by Date: Please accept blosxom
Previous by thread: Re: Accepted vmelilo-installer 1.8.1 (m68k source)
Next by thread: Please accept blosxom
Index(es):
- Date
- Thread