Re: ProFTPD still vulnerable (Sarge)
On Thu, 2006-11-30 at 15:10 +0100, Francesco P. Lovergine wrote:
> This is unfortunately an effect of an issue with the old mod_delay patch.
> It's not an exploiting of the known issue. You have to either disable mod_delay or use
> 1.2.10-20sarge1 which is available at http://people.debian.org/~frankie/debian/sarge
> That is in use successfully since ages on high-load server like alioth.
> The sarge1 version also manages the 3 recent security issues.
So, should we use 1.2.10-20sarge1 or the just released 1.2.10-15sarge3?
-Jim P.
Reply to: