rpms/proftpd/EL-5 .cvsignore, 1.14, 1.15 proftpd.pam, 1.3, 1.4 proftpd.spec, 1.36, 1.37 sources, 1.14, 1.15 proftpd-1.3.2a-defines.patch, 1.1, NONE
Paul Howarth
pghmcfc at fedoraproject.org
Mon Nov 16 20:05:30 UTC 2009
- Previous message: rpms/proftpd/EL-4 .cvsignore, 1.11, 1.12 proftpd.pam, 1.3, 1.4 proftpd.spec, 1.16, 1.17 sources, 1.11, 1.12 proftpd-1.3.2a-defines.patch, 1.1, NONE
- Next message: rpms/proftpd/F-10 .cvsignore, 1.15, 1.16 proftpd.pam, 1.4, 1.5 proftpd.spec, 1.48, 1.49 sources, 1.15, 1.16 proftpd-1.3.2a-defines.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: pghmcfc
Update of /cvs/pkgs/rpms/proftpd/EL-5
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28776/EL-5
Modified Files:
.cvsignore proftpd.pam proftpd.spec sources
Removed Files:
proftpd-1.3.2a-defines.patch
Log Message:
Update F-10, F-11, EL-4, EL-5 to 1.3.2b (fixes improper SSL/TLS certificate subjectAltName verification - CVE-2009-3639)
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/proftpd/EL-5/.cvsignore,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -p -r1.14 -r1.15
--- .cvsignore 2 Sep 2009 09:56:32 -0000 1.14
+++ .cvsignore 16 Nov 2009 20:05:30 -0000 1.15
@@ -1,3 +1,3 @@
-proftpd-1.3.2a.tar.bz2
+proftpd-1.3.2b.tar.bz2
proftpd-mod-vroot-0.8.5.tar.gz
proftpd-mod-exec-0.9.6.tar.gz
Index: proftpd.pam
===================================================================
RCS file: /cvs/pkgs/rpms/proftpd/EL-5/proftpd.pam,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- proftpd.pam 19 Aug 2009 15:41:05 -0000 1.3
+++ proftpd.pam 16 Nov 2009 20:05:30 -0000 1.4
@@ -1,8 +1,8 @@
#%PAM-1.0
-session optional pam_keyinit.so force revoke
-auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
-auth required pam_shells.so
-auth include system-auth
-account include system-auth
-session include system-auth
+session optional pam_keyinit.so force revoke
+auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
+auth required pam_shells.so
+auth include password-auth
+account include password-auth
session required pam_loginuid.so
+session include password-auth
Index: proftpd.spec
===================================================================
RCS file: /cvs/pkgs/rpms/proftpd/EL-5/proftpd.spec,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -p -r1.36 -r1.37
--- proftpd.spec 7 Sep 2009 13:40:45 -0000 1.36
+++ proftpd.spec 16 Nov 2009 20:05:30 -0000 1.37
@@ -7,11 +7,11 @@
%endif
#global prever rc3
-%global rpmrel 5
+%global rpmrel 1
Summary: Flexible, stable and highly-configurable FTP server
Name: proftpd
-Version: 1.3.2a
+Version: 1.3.2b
Release: %{?prever:0.}%{rpmrel}%{?prever:.%{prever}}%{?dist}
License: GPLv2+
Group: System Environment/Daemons
@@ -29,7 +29,6 @@ Source9: proftpd.sysconfig
Source10: http://www.castaglia.org/proftpd/modules/proftpd-mod-vroot-0.8.5.tar.gz
Source11: http://www.castaglia.org/proftpd/modules/proftpd-mod-exec-0.9.6.tar.gz
Patch0: proftpd-1.3.2rc3-nostrip.patch
-Patch1: proftpd-1.3.2a-defines.patch
Patch2: proftpd-1.3.2-parallel-build.patch
Patch3: proftpd-1.3.2a-mlsd.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -93,9 +92,6 @@ Module to add PostgreSQL support to the
# Don't strip binaries - needed for useful debuginfo
%patch0 -p1 -b .nostrip
-# Reinstate command-line defines (http://bugs.proftpd.org/3221)
-%patch1 -p1 -b .defines
-
# Fix parallel build (http://bugs.proftpd.org/3189)
%patch2 -p1 -b .parallel
@@ -118,15 +114,20 @@ Module to add PostgreSQL support to the
%{__cp} -p %{SOURCE8} proftpd-quota.schema
# PAM Configuration:
+# Default PAM configuration file uses password-auth common config;
+# revert to system-auth if password-auth is not available
+%{__cp} -p %{SOURCE6} .
+if [ ! -f /etc/pam.d/password-auth ]; then
+ %{__sed} -i -e s/password-auth/system-auth/ proftpd.pam
+fi
# The "include" syntax used in our PAM configuration file was introduced in
# PAM 0.78 and is therefore supported in FC-5 and EL-5 onwards; older
# distributions such as EL-4 (PAM 0.77) need to fall back to using the
# now-deprecated pam_stack module. Since the pam-devel package doesn't
-# include a pkgconfig file from whice we could check the version number, we
+# include a pkgconfig file from which we could check the version number, we
# instead check for the absence of the file /etc/pam.d/config-util, which is
# present in all PAM packages from 0.80 onwards and acts as a useful
# indicator of the need to fall back to pam_stack.
-%{__cp} -p %{SOURCE6} .
[ ! -f /etc/pam.d/config-util ] && %{__sed} -i -e \
's/include[[:space:]]*system-auth/required'\ \ \ \ \ 'pam_stack.so service=system-auth/' \
proftpd.pam
@@ -290,13 +291,29 @@ fi
%changelog
+* Wed Oct 21 2009 Paul Howarth <paul at city-fan.org> 1.3.2b-1
+- Update to 1.3.2b
+ - Fixed regression causing command-line define options not to work (bug 3221)
+ - Fixed SSL/TLS cert subjectAltName verification (bug 3275, CVE-2009-3639)
+ - Use correct cached user values with "SQLNegativeCache on" (bug 3282)
+ - Fix slower transfers of multiple small files (bug 3284)
+ - Support MaxTransfersPerHost, MaxTransfersPerUser properly (bug 3287)
+ - Handle symlinks to directories with trailing slashes properly (bug 3297)
+- Drop upstreamed defines patch (bug 3221)
+
+* Thu Sep 17 2009 Paul Howarth <paul at city-fan.org> 1.3.2a-7
+- Restore backward SRPM compatibility broken by previous change
+
+* Wed Sep 16 2009 Tomas Mraz <tmraz at redhat.com> 1.3.2a-6
+- Use password-auth common PAM configuration instead of system-auth
+
* Mon Sep 7 2009 Paul Howarth <paul at city-fan.org> 1.3.2a-5
- Add upstream patch for MLSD with dirnames containing glob chars (#521634)
* Wed Sep 2 2009 Paul Howarth <paul at city-fan.org> 1.3.2a-4
- New DSO module: mod_exec (#520214)
-* Fri Aug 21 2009 Tomas Mraz <tmraz at redhat.com> - 1.3.2a-3.1
+* Fri Aug 21 2009 Tomas Mraz <tmraz at redhat.com> 1.3.2a-3.1
- Rebuilt with new openssl
* Wed Aug 19 2009 Paul Howarth <paul at city-fan.org> 1.3.2a-3
@@ -351,7 +368,7 @@ fi
bundled one, and eliminate log messages like:
kernel: warning: `proftpd' uses 32-bit capabilities (legacy support in use)
-* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3.2-3.1
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> 1.3.2-3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Thu Apr 9 2009 Matthias Saou <http://freshrpms.net/> 1.3.2-2.1
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/proftpd/EL-5/sources,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -p -r1.14 -r1.15
--- sources 2 Sep 2009 09:56:33 -0000 1.14
+++ sources 16 Nov 2009 20:05:30 -0000 1.15
@@ -1,3 +1,3 @@
-ad3cbb5db30c5ae39e09b308892392b3 proftpd-1.3.2a.tar.bz2
+0d6777839f37115654ce384841f68131 proftpd-1.3.2b.tar.bz2
139fc328c43a9afbe290ec787713096b proftpd-mod-vroot-0.8.5.tar.gz
dfcaf605f116c29d7b4771a9b02f509b proftpd-mod-exec-0.9.6.tar.gz
--- proftpd-1.3.2a-defines.patch DELETED ---
- Previous message: rpms/proftpd/EL-4 .cvsignore, 1.11, 1.12 proftpd.pam, 1.3, 1.4 proftpd.spec, 1.16, 1.17 sources, 1.11, 1.12 proftpd-1.3.2a-defines.patch, 1.1, NONE
- Next message: rpms/proftpd/F-10 .cvsignore, 1.15, 1.16 proftpd.pam, 1.4, 1.5 proftpd.spec, 1.48, 1.49 sources, 1.15, 1.16 proftpd-1.3.2a-defines.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list