On Wed, 27 Mar 2002 00:37:59 +0100 martin f krafft <madduck@madduck.net> wrote: >> [...] > > (please fix your line wraps!) > > security.debian.org has proftpd_1.2.0pre10-2.0potato1 which does not > contain this bug, at least not on i386 systems: > > fishbowl:~> ncftp lapse.home.madduck.net > NcFTP 3.1.2 (Jan 28, 2002) by Mike Gleason (ncftp@ncftp.com). > Connecting to 192.168.14.3 > ProFTPD 1.2.0pre10 Server (Debian) [lapse.home.madduck.net] > Logging in... > > [...] Adding... proftpd (1.2.0pre10-2.0potato1) stable; urgency=high * Non-Maintainer upload. * Applied patch against string format buffer attack. * Removed extra User/Group pair from basic.conf, server now runs as user/group nobody by default. * Added build dependencies on zlib1g-dev, debhelper and libpam-dev. * In contrib/libcap/libcap.h: moved the capability.h include to just below sys/types.h to fix horrible build errors. -- Ivo Timmermans <ivo@debian.org> Sat, 24 Feb 2001 12:42:53 +0100 See: "Applied patch against string format buffer attack." done, -- _ _ __|_ _. _ _|_.__.._ _ _ (_||_|_> |_(_|\/(_) | |(_|| |(_(_) stratus@ax.net.br _|nupg id: 0x37155778 gustavo@dsgx.org Alternex S/A - www.alternex.com.br -- Rio de Janeiro/Brazil gnupg id: 0x37155778 (fetch from keyserver: wwwkeys.eu.pgp.net) Key fingerprint = 1908 52B9 4A16 6EC2 74D1 C03B EDFB 7005 3715 5778
Attachment:
pgpue_Yl7BNrG.pgp
Description: PGP signature