Sync proftpd-dfsg 1.3.3d-8 (universe) from Debian Unstable (main)

Bug #741104 reported by Mahyuddin Susanto on 2011-03-23
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
proftpd-dfsg (Ubuntu)
Wishlist
Unassigned

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

 affects ubuntu/proftpd-dfsg
 status new
 importance wishlist
 subscribe ubuntu-sponsors
 done

Please sync proftpd-dfsg 1.3.3d-8 (universe) from Debian Unstable (main)

Changelog entry since 1.3.3d-4 in natty release

proftpd-dfsg (1.3.3d-8) unstable; urgency=high

  * debian/patches/3624 updated for a better management of possible NULL
    value.

 -- Francesco Paolo Lovergine <email address hidden> Wed, 23 Mar 2011 10:49:44 +0100
proftpd-dfsg (1.3.3d-7) unstable; urgency=high

   * [SECURITY] new patch debian/patches/3624: this patch fixes the issue by
     causing mod_tls to clear the buffers of any data received from the
client,
     once the SSL/TLS handshake has succeeded.

 -- Francesco Paolo Lovergine <email address hidden> Mon, 21 Mar 2011
22:48:51 +0100
proftpd-dfsg (1.3.3d-6) unstable; urgency=low

   * Moved ftp user home to /srv/ftp as used by other ftp servers.
     (closes: #618888)
   * Now ftp home and user are removed on purge (old or new one).
   * Removing the whole log directory on purge.

 -- Francesco Paolo Lovergine <email address hidden> Mon, 21 Mar 2011
11:29:10 +0100
proftpd-dfsg (1.3.3d-5) unstable; urgency=low

   [ Francesco Paolo Lovergine <email address hidden> ]
   * Annotated CVE IDs in debian/changelog for recent vulnerabilities fixed.

   [ Mahyuddin Susanto <email address hidden> ]
   * Add DEP-3 header in patches:
     - debian/patches/mod_cap
     - debian/patches/ftpstats
     - debian/patches/series
     - debian/patches/xferstats.holger-preiss
     - debian/patches/CVE-2011-1137
     - debian/patches/odbc
     - debian/patches/silent
     - debian/patches/mod_sql_mysql.c
     - debian/patches/ftpasswd.cracklib.location
     - debian/patches/autotools
     - debian/patches/prxs
     - debian/patches/mod_vroot
     - debian/patches/quotatab_modules
     - debian/patches/mod_wrap_noparanoid
     - debian/patches/change_pam_name
   * debian/copyright: Rewriting as per DEP-5 machine readable.
   * Fix typo in 1.3.3d-4 changelog.
   * debian/ftpasswd.8
     - Remove white space
     - Using hypen instead of minus sign in manual page.
   * debian/patches/use_hypen_in_manpage.patch: Do not use minus sign in
manual
     page.
   * Use set -e instead of passed -e to the shell on the #! line in the
body of
     script
      - proftpd-basic.config
      - proftpd-basic.postrm
      - proftpd-basic.preinst
   * Override lintian to trivial error checking
     - debian/proftpd-basic.lintian-overrides
     - debian/proftpd-dev.lintian-overrides

   [ Francesco Paolo Lovergine ]
   * Fixed a typo in debian/proftpd-substvars.in and regenerated the
template.
   * Fixed a typo in proftpd-dev.README.Debian

 -- Francesco Paolo Lovergine <email address hidden> Thu, 17 Mar 2011
13:16:12 +0100

There's no new features, only bug fixes:
 - CVE-2011-0411
 - Bug Debian #618888
 - fixing piuparts problem
 - fixing lintian warning
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJNiiAhAAoJELmHbrCQs2xbTfgP/jUO1APqQBCHLxosMLzE1hsT
otXJgD7Askbm/PpHTogi+CenTSb3pZl8I007umgVIrkI+k1BKZjIiiwzEf8Xs+RM
8/403IvRIwOptvpw6IxVP4VUI12XXNC3oBZtlWf5dGjDu8Grjbb6D9zCu/RhIUtU
Web/u4H7NGHyMKDguJi+vCUPVbZUEmXSHSdWnTBt0ro1epOcVsQKpUI3hRBUESXp
e8SdLZnifXgQpPMnNleeVbVe4//p0K7zLOEAAnuJD0+ASGVaVqZbuD7lYcz3/3UW
gAj9hpOcl86g1FaXPd3hr72GtSaA1aZEeeHPzlb69gkAtkZhSZQ1tHr9TZ6RXkJo
6kmRq++c4DGfGUF14rAK+XL3FtXh1dJWMaJZUcS/Pa7uW37UHXLYgGqPT5cPLsBP
bQYv5FqzlTTHjM6P6qoOu7+jYf5w3jdy8fAAtB4xkJEXRFkse6Ylroh+tHXJ6bgS
DWO3X4Qu+aSr7+zO/MdMDrz/hz81P0Ce/Pd+dJUs6hFVvA5Y3ZUvrV0EXLQbB691
ddTheeGSr3/sErFcMO4xok9nGebqK0mQnKr3mOb9EvyyLzsyiC7W0ljiRriLgWEK
pnyBqccPiD/d3tIZkNZKb/HBmCRDPioYN7Yl15Q7lUsuYazn9TzPISdBXd5mGC3G
5iTovxL3ao3MqkJifTvS
=H2au
-----END PGP SIGNATURE-----

CVE References

summary: - Sync proftpd-dfsg 1.3.3d-7 (universe) from Debian Unstable (main)
+ Sync proftpd-dfsg 1.3.3d-8 (universe) from Debian Unstable (main)
description: updated
description: updated
Artur Rona (ari-tczew) wrote :

I'll take this one.

Changed in proftpd-dfsg (Ubuntu):
status: New → In Progress
assignee: nobody → Artur Rona (ari-tczew)
Artur Rona (ari-tczew) wrote :

Thank you for your time and efforts making Ubuntu better! However, there is a FTBFS:

dpkg-buildpackage: host architecture i386
dpkg-checkbuilddeps: Unmet build dependencies: libcap-dev
dpkg-buildpackage: warning: Build dependencies/conflicts unsatisfied; aborting.
dpkg-buildpackage: warning: (Use -d flag to override.)
E: Failed autobuilding of package
I: unmounting /var/cache/pbuilder/ccache filesystem

I suggest to use just libcap-dev in Build-Depends. Try to get it in Debian and then sync.

BTW. I appreciate your efforts to improving package in Debian! Could you consider get use script 'wrap-and-sort -a -v' there and in future, try to rewrite d/rules to use tiny version by overrides?

Changed in proftpd-dfsg (Ubuntu):
assignee: Artur Rona (ari-tczew) → nobody
status: In Progress → Incomplete
Mahyuddin Susanto (udienz) wrote :

Hello Artur

Yes, when we build in pbuilder it was FTBFS but if we built in PPA building is fine. not sure about this. you can see this log: https://code.launchpad.net/~pkg-proftpd-maintainers/+archive/unstable/+sourcepub/1565412/+listing-archive-extra

Ok, thanks i'll discuss with frankie about it

Artur Rona (ari-tczew) on 2011-03-27
Changed in proftpd-dfsg (Ubuntu):
status: Incomplete → New
Fabrice Coutadeur (fabricesp) wrote :

Sync request ack'd: Package builds fine, installs and runs fine.

Changed in proftpd-dfsg (Ubuntu):
status: New → Confirmed
Colin Watson (cjwatson) wrote :

2011-03-28 19:16:01 INFO proftpd-dfsg_1.3.3d.orig.tar.gz: already in distro - downloading from librarian
2011-03-28 19:16:03 INFO - <proftpd-dfsg_1.3.3d.orig.tar.gz: cached>
2011-03-28 19:16:03 INFO - <proftpd-dfsg_1.3.3d-8.dsc: downloading from http://ftp.debian.org/debian/>
[Updating] proftpd-dfsg (1.3.3d-4 [Ubuntu] < 1.3.3d-8 [Debian])
 * Trying to add proftpd-dfsg...
2011-03-28 19:16:04 INFO - <proftpd-dfsg_1.3.3d-8.debian.tar.gz: downloading from http://ftp.debian.org/debian/>
I: proftpd-dfsg [universe] -> proftpd-basic_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-dev_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-doc_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-mysql_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-pgsql_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-ldap_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-odbc_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-sqlite_1.3.3d-4 [universe].

Changed in proftpd-dfsg (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers