Ubuntu
proftpd-dfsg package

Sync proftpd-dfsg 1.3.3d-8 (universe) from Debian Unstable (main)

Bug #741104 reported by Mahyuddin Susanto
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
proftpd-dfsg (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

 affects ubuntu/proftpd-dfsg
 status new
 importance wishlist
 subscribe ubuntu-sponsors
 done

Please sync proftpd-dfsg 1.3.3d-8 (universe) from Debian Unstable (main)

Changelog entry since 1.3.3d-4 in natty release

proftpd-dfsg (1.3.3d-8) unstable; urgency=high

  * debian/patches/3624 updated for a better management of possible NULL
    value.

 -- Francesco Paolo Lovergine <email address hidden> Wed, 23 Mar 2011 10:49:44 +0100
proftpd-dfsg (1.3.3d-7) unstable; urgency=high

   * [SECURITY] new patch debian/patches/3624: this patch fixes the issue by
     causing mod_tls to clear the buffers of any data received from the
client,
     once the SSL/TLS handshake has succeeded.

 -- Francesco Paolo Lovergine <email address hidden> Mon, 21 Mar 2011
22:48:51 +0100
proftpd-dfsg (1.3.3d-6) unstable; urgency=low

   * Moved ftp user home to /srv/ftp as used by other ftp servers.
     (closes: #618888)
   * Now ftp home and user are removed on purge (old or new one).
   * Removing the whole log directory on purge.

 -- Francesco Paolo Lovergine <email address hidden> Mon, 21 Mar 2011
11:29:10 +0100
proftpd-dfsg (1.3.3d-5) unstable; urgency=low

   [ Francesco Paolo Lovergine <email address hidden> ]
   * Annotated CVE IDs in debian/changelog for recent vulnerabilities fixed.

   [ Mahyuddin Susanto <email address hidden> ]
   * Add DEP-3 header in patches:
     - debian/patches/mod_cap
     - debian/patches/ftpstats
     - debian/patches/series
     - debian/patches/xferstats.holger-preiss
     - debian/patches/CVE-2011-1137
     - debian/patches/odbc
     - debian/patches/silent
     - debian/patches/mod_sql_mysql.c
     - debian/patches/ftpasswd.cracklib.location
     - debian/patches/autotools
     - debian/patches/prxs
     - debian/patches/mod_vroot
     - debian/patches/quotatab_modules
     - debian/patches/mod_wrap_noparanoid
     - debian/patches/change_pam_name
   * debian/copyright: Rewriting as per DEP-5 machine readable.
   * Fix typo in 1.3.3d-4 changelog.
   * debian/ftpasswd.8
     - Remove white space
     - Using hypen instead of minus sign in manual page.
   * debian/patches/use_hypen_in_manpage.patch: Do not use minus sign in
manual
     page.
   * Use set -e instead of passed -e to the shell on the #! line in the
body of
     script
      - proftpd-basic.config
      - proftpd-basic.postrm
      - proftpd-basic.preinst
   * Override lintian to trivial error checking
     - debian/proftpd-basic.lintian-overrides
     - debian/proftpd-dev.lintian-overrides

   [ Francesco Paolo Lovergine ]
   * Fixed a typo in debian/proftpd-substvars.in and regenerated the
template.
   * Fixed a typo in proftpd-dev.README.Debian

 -- Francesco Paolo Lovergine <email address hidden> Thu, 17 Mar 2011
13:16:12 +0100

There's no new features, only bug fixes:
 - CVE-2011-0411
 - Bug Debian #618888
 - fixing piuparts problem
 - fixing lintian warning
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJNiiAhAAoJELmHbrCQs2xbTfgP/jUO1APqQBCHLxosMLzE1hsT
otXJgD7Askbm/PpHTogi+CenTSb3pZl8I007umgVIrkI+k1BKZjIiiwzEf8Xs+RM
8/403IvRIwOptvpw6IxVP4VUI12XXNC3oBZtlWf5dGjDu8Grjbb6D9zCu/RhIUtU
Web/u4H7NGHyMKDguJi+vCUPVbZUEmXSHSdWnTBt0ro1epOcVsQKpUI3hRBUESXp
e8SdLZnifXgQpPMnNleeVbVe4//p0K7zLOEAAnuJD0+ASGVaVqZbuD7lYcz3/3UW
gAj9hpOcl86g1FaXPd3hr72GtSaA1aZEeeHPzlb69gkAtkZhSZQ1tHr9TZ6RXkJo
6kmRq++c4DGfGUF14rAK+XL3FtXh1dJWMaJZUcS/Pa7uW37UHXLYgGqPT5cPLsBP
bQYv5FqzlTTHjM6P6qoOu7+jYf5w3jdy8fAAtB4xkJEXRFkse6Ylroh+tHXJ6bgS
DWO3X4Qu+aSr7+zO/MdMDrz/hz81P0Ce/Pd+dJUs6hFVvA5Y3ZUvrV0EXLQbB691
ddTheeGSr3/sErFcMO4xok9nGebqK0mQnKr3mOb9EvyyLzsyiC7W0ljiRriLgWEK
pnyBqccPiD/d3tIZkNZKb/HBmCRDPioYN7Yl15Q7lUsuYazn9TzPISdBXd5mGC3G
5iTovxL3ao3MqkJifTvS
=H2au
-----END PGP SIGNATURE-----

See original description

CVE References

Mahyuddin Susanto (udienz)
summary: - Sync proftpd-dfsg 1.3.3d-7 (universe) from Debian Unstable (main)
+ Sync proftpd-dfsg 1.3.3d-8 (universe) from Debian Unstable (main)
description: updated
description: updated
Revision history for this message
Artur Rona (ari-tczew) wrote :

I'll take this one.

Changed in proftpd-dfsg (Ubuntu):
status: New → In Progress
assignee: nobody → Artur Rona (ari-tczew)
Revision history for this message
Artur Rona (ari-tczew) wrote :

Thank you for your time and efforts making Ubuntu better! However, there is a FTBFS:

dpkg-buildpackage: host architecture i386
dpkg-checkbuilddeps: Unmet build dependencies: libcap-dev
dpkg-buildpackage: warning: Build dependencies/conflicts unsatisfied; aborting.
dpkg-buildpackage: warning: (Use -d flag to override.)
E: Failed autobuilding of package
I: unmounting /var/cache/pbuilder/ccache filesystem

I suggest to use just libcap-dev in Build-Depends. Try to get it in Debian and then sync.

BTW. I appreciate your efforts to improving package in Debian! Could you consider get use script 'wrap-and-sort -a -v' there and in future, try to rewrite d/rules to use tiny version by overrides?

Changed in proftpd-dfsg (Ubuntu):
assignee: Artur Rona (ari-tczew) → nobody
status: In Progress → Incomplete
Revision history for this message
Mahyuddin Susanto (udienz) wrote :

Hello Artur

Yes, when we build in pbuilder it was FTBFS but if we built in PPA building is fine. not sure about this. you can see this log: https://code.launchpad.net/~pkg-proftpd-maintainers/+archive/unstable/+sourcepub/1565412/+listing-archive-extra

Ok, thanks i'll discuss with frankie about it

Artur Rona (ari-tczew)
Changed in proftpd-dfsg (Ubuntu):
status: Incomplete → New
Revision history for this message
Fabrice Coutadeur (fabricesp) wrote :

Sync request ack'd: Package builds fine, installs and runs fine.

Changed in proftpd-dfsg (Ubuntu):
status: New → Confirmed
Revision history for this message
Colin Watson (cjwatson) wrote :

2011-03-28 19:16:01 INFO proftpd-dfsg_1.3.3d.orig.tar.gz: already in distro - downloading from librarian
2011-03-28 19:16:03 INFO - <proftpd-dfsg_1.3.3d.orig.tar.gz: cached>
2011-03-28 19:16:03 INFO - <proftpd-dfsg_1.3.3d-8.dsc: downloading from http://ftp.debian.org/debian/>
[Updating] proftpd-dfsg (1.3.3d-4 [Ubuntu] < 1.3.3d-8 [Debian])
 * Trying to add proftpd-dfsg...
2011-03-28 19:16:04 INFO - <proftpd-dfsg_1.3.3d-8.debian.tar.gz: downloading from http://ftp.debian.org/debian/>
I: proftpd-dfsg [universe] -> proftpd-basic_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-dev_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-doc_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-mysql_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-pgsql_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-ldap_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-odbc_1.3.3d-4 [universe].
I: proftpd-dfsg [universe] -> proftpd-mod-sqlite_1.3.3d-4 [universe].

Changed in proftpd-dfsg (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.