rpms/proftpd/devel proftpd-1.3.1rc3-configh.patch, NONE, 1.1 proftpd-1.3.1rc3-mod_sql_mysql-fix.patch, NONE, 1.1 .cvsignore, 1.9, 1.10 proftpd-xinetd, 1.3, 1.4 proftpd.conf, 1.7, 1.8 proftpd.init, 1.5, 1.6 proftpd.spec, 1.32, 1.33 sources, 1.9, 1.10 proftpd-1.3.0-cmdbufsize.patch, 1.2, NONE proftpd-1.3.0-ctrls-restart.patch, 1.1, NONE proftpd-1.3.0-mod_tls.patch, 1.1, NONE proftpd-1.3.0-rpath.patch, 1.1, NONE proftpd-1.3.0a-ctrls-bug2867.patch, 1.1, NONE proftpd-1.3.0a-open.patch, 1.1, NONE
Matthias Saou (thias)
fedora-extras-commits at redhat.com
Sun Aug 19 16:19:02 UTC 2007
Author: thias
Update of /cvs/extras/rpms/proftpd/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19590
Modified Files:
.cvsignore proftpd-xinetd proftpd.conf proftpd.init
proftpd.spec sources
Added Files:
proftpd-1.3.1rc3-configh.patch
proftpd-1.3.1rc3-mod_sql_mysql-fix.patch
Removed Files:
proftpd-1.3.0-cmdbufsize.patch
proftpd-1.3.0-ctrls-restart.patch proftpd-1.3.0-mod_tls.patch
proftpd-1.3.0-rpath.patch proftpd-1.3.0a-ctrls-bug2867.patch
proftpd-1.3.0a-open.patch
Log Message:
Update to 1.3.1rc3, an RC but it fixes all known vulnerabilities at last.
proftpd-1.3.1rc3-configh.patch:
--- NEW FILE proftpd-1.3.1rc3-configh.patch ---
diff -Naupr proftpd-1.3.1rc3.orig/lib/sstrncpy.c proftpd-1.3.1rc3/lib/sstrncpy.c
--- proftpd-1.3.1rc3.orig/lib/sstrncpy.c 2006-12-06 05:05:31.000000000 +0100
+++ proftpd-1.3.1rc3/lib/sstrncpy.c 2007-08-19 17:45:27.000000000 +0200
@@ -24,6 +24,10 @@
* the source code for OpenSSL in the source distribution.
*/
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
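Review bot: the patch file carries no header explaining why config.h has to be pulled in ahead of the system includes in lib/sstrncpy.c; the reason and the upstream report (#2964) appear only in the spec changelog. Add a short comment at the top of proftpd-1.3.1rc3-configh.patch with that reference so the patch can be dropped once upstream includes the header itself.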
proftpd-1.3.1rc3-mod_sql_mysql-fix.patch:
--- NEW FILE proftpd-1.3.1rc3-mod_sql_mysql-fix.patch ---
diff -Naupr proftpd-1.3.1rc3.orig/contrib/mod_sql_mysql.c proftpd-1.3.1rc3/contrib/mod_sql_mysql.c
--- proftpd-1.3.1rc3.orig/contrib/mod_sql_mysql.c 2007-05-09 19:15:18.000000000 +0200
+++ proftpd-1.3.1rc3/contrib/mod_sql_mysql.c 2007-08-19 17:48:39.000000000 +0200
@@ -595,7 +595,7 @@ MODRET cmd_defineconnection(cmd_rec *cmd
}
if (!conn_pool) {
- pr_log_pri(PR_LOG_WARNING, "warning: the mod_sql_mysql module has not been
+ pr_log_pri(PR_LOG_WARNING, "warning: the mod_sql_mysql module has not been "
"properly intialized. Please make sure your --with-modules configure "
"option lists mod_sql *before* mod_sql_mysql, and recompile.");
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/proftpd/devel/.cvsignore,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- .cvsignore 27 Nov 2006 17:53:07 -0000 1.9
+++ .cvsignore 19 Aug 2007 16:18:30 -0000 1.10
@@ -1 +1 @@
-proftpd-1.3.0a.tar.bz2
+proftpd-1.3.1rc3.tar.bz2
Index: proftpd-xinetd
===================================================================
RCS file: /cvs/extras/rpms/proftpd/devel/proftpd-xinetd,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- proftpd-xinetd 9 Nov 2004 02:50:04 -0000 1.3
+++ proftpd-xinetd 19 Aug 2007 16:18:30 -0000 1.4
@@ -1,5 +1,4 @@
# default: off
-# $Id$
# description: The ProFTPD FTP server serves FTP connections. It uses \
# normal, unencrypted usernames and passwords for authentication.
service ftp
Index: proftpd.conf
===================================================================
RCS file: /cvs/extras/rpms/proftpd/devel/proftpd.conf,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- proftpd.conf 3 Jul 2006 17:29:18 -0000 1.7
+++ proftpd.conf 19 Aug 2007 16:18:30 -0000 1.8
@@ -1,5 +1,4 @@
# This is the ProFTPD configuration file
-# $Id$
ServerName "ProFTPD server"
ServerIdent on "FTP Server ready."
Index: proftpd.init
===================================================================
RCS file: /cvs/extras/rpms/proftpd/devel/proftpd.init,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- proftpd.init 21 Apr 2006 17:05:11 -0000 1.5
+++ proftpd.init 19 Aug 2007 16:18:30 -0000 1.6
@@ -1,11 +1,10 @@
#!/bin/sh
-# $Id$
#
# proftpd This shell script takes care of starting and stopping
# proftpd.
#
# chkconfig: - 80 30
-# description: ProFTPD is an enhanced FTP server with a focus towards \
+# description: ProFTPd is an enhanced FTP server with a focus towards \
# simplicity, security, and ease of configuration. \
# It features a very Apache-like configuration syntax, \
# and a highly customizable server infrastructure, \
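Review bot: the description line now spells the name "ProFTPd", while proftpd-xinetd and proftpd.conf in this same commit keep "ProFTPD" ("The ProFTPD FTP server", ServerName "ProFTPD server"). Pick one spelling across the packaged files; keeping "ProFTPD" makes this line change unnecessary.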
@@ -15,6 +14,19 @@
# config: /etc/proftp.conf
# pidfile: /var/run/proftpd.pid
+### BEGIN INIT INFO
+# Provides: proftpd ftpserver
+# Required-Start: $local_fs $network $named $remote_fs
+# Required-Stop: $local_fs $network $named $remote_fs
+# Short-Description: ProFTPd FTP Server
+# Description: ProFTPd is an enhanced FTP server with a focus towards
+# simplicity, security, and ease of configuration.
+# It features a very Apache-like configuration syntax,
+# and a highly customizable server infrastructure,
+# including support for multiple 'virtual' FTP servers,
+# anonymous FTP, and permission-based directory visibility.
+### END INIT INFO
+
# Source function library.
. /etc/rc.d/init.d/functions
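Review bot: the unchanged header line just above the new LSB block reads "# config: /etc/proftp.conf", which looks like a typo given that the packaged file is named proftpd.conf; fix it while this header is being touched. The LSB block also declares no Default-Start or Default-Stop; if the service is meant to stay off by default, as "chkconfig: - 80 30" indicates, a one-line comment saying the omission is deliberate would help.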
@@ -62,21 +74,21 @@
stop
start
;;
- condrestart)
+ try-restart|condrestart)
if [ -f /var/lock/subsys/proftpd ]; then
stop
start
fi
;;
- reload)
+ reload|force-reload)
echo -n $"Re-reading $prog configuration: "
killproc proftpd -HUP
RETVAL=$?
echo
;;
*)
- echo "Usage: $prog {start|stop|restart|reload|condrestart|status}"
- exit 1
+ echo "Usage: $prog {start|stop|restart|try-restart|reload|status}"
+ exit 2
esac
exit $RETVAL
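Review bot: the new usage string lists try-restart but not force-reload, although the case statement now accepts "reload|force-reload", and condrestart is dropped from the message while still being handled. List force-reload in the usage line so the message matches what the script accepts; leaving the legacy condrestart alias undocumented is reasonable.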
Index: proftpd.spec
===================================================================
RCS file: /cvs/extras/rpms/proftpd/devel/proftpd.spec,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- proftpd.spec 12 Aug 2007 14:03:51 -0000 1.32
+++ proftpd.spec 19 Aug 2007 16:18:30 -0000 1.33
@@ -1,23 +1,21 @@
+%define prever rc3
+
Summary: Flexible, stable and highly-configurable FTP server
Name: proftpd
-Version: 1.3.0a
-Release: 8%{?dist}
+Version: 1.3.1
+Release: 0.1.%{prever}%{?dist}
License: GPLv2+
Group: System Environment/Daemons
URL: http://www.proftpd.org/
-Source0: ftp://ftp.proftpd.org/distrib/source/proftpd-%{version}.tar.bz2
+Source0: ftp://ftp.proftpd.org/distrib/source/proftpd-%{version}%{prever}.tar.bz2
Source1: proftpd.conf
Source2: proftpd.init
Source3: proftpd-xinetd
Source4: proftpd.logrotate
Source5: welcome.msg
Source6: proftpd.pam
-Patch0: proftpd-1.3.0-rpath.patch
-Patch1: proftpd-1.3.0-ctrls-restart.patch
-Patch2: proftpd-1.3.0-cmdbufsize.patch
-Patch3: proftpd-1.3.0-mod_tls.patch
-Patch4: proftpd-1.3.0a-ctrls-bug2867.patch
-Patch5: proftpd-1.3.0a-open.patch
+Patch0: proftpd-1.3.1rc3-configh.patch
+Patch1: proftpd-1.3.1rc3-mod_sql_mysql-fix.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
Requires: pam >= 0.59
Requires(post): /sbin/chkconfig
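Review bot: Patch0 through Patch5 are all dropped here with only "none are useful anymore" in the changelog as justification. For the ones whose names point at specific fixes (cmdbufsize, ctrls-bug2867, open, mod_tls), record in the changelog or commit message that each was checked against the 1.3.1rc3 source, so a later reader can tell the fixes were merged upstream and not lost in the rebase.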
@@ -67,13 +65,9 @@
%prep
-%setup -q
-%patch0 -p1 -b .rpath
-%patch1 -p0 -b .ctrls-restart
-%patch2 -p1 -b .cmdbufsize
-%patch3 -p0 -b .mod_tls
-%patch4 -p0 -b .ctrls-bug2867
-%patch5 -p1 -b .open
+%setup -q -n %{name}-%{version}%{prever}
+%patch0 -p1 -b .configh
+%patch1 -p1 -b .mod_sql_mysql-fix
%build
@@ -87,6 +81,7 @@
--enable-facl \
--enable-dso \
--enable-ipv6 \
+ --enable-openssl \
--with-libraries="%{_libdir}/mysql" \
--with-includes="%{_includedir}/mysql" \
--with-modules=mod_readme:mod_auth_pam:mod_tls \
@@ -163,6 +158,7 @@
%{_sysconfdir}/rc.d/init.d/proftpd
%{_mandir}/man?/*
%{_bindir}/*
+%exclude %{_includedir}/proftpd/
%dir %{_libexecdir}/proftpd/
%{_libexecdir}/proftpd/mod_quotatab.so
%{_libexecdir}/proftpd/mod_quotatab_file.so
@@ -196,6 +192,16 @@
%changelog
+* Sun Aug 19 2007 Matthias Saou <http://freshrpms.net/> 1.3.1-0.1.rc3
+- Update to 1.3.1rc3 (the only version to fix #237533 aka CVE-2007-2165).
+- Remove all patches, none are useful anymore.
+- Patch sstrncpy.c for config.h not being included (reported upstream #2964).
+- Patch mod_sql_mysql.c to fix a typo (already fixed in CVS upstream).
+- Exclude new headers, at least until some first 3rd party module shows up.
+- Clean up old leftover CVS strings from our extra files.
+- LSB-ize the init script (#247033).
+- Explicitly pass --enable-openssl since configure tells us "(default=no)".
+
* Sun Aug 12 2007 Matthias Saou <http://freshrpms.net/> 1.3.0a-8
- Fix logrotate entry to silence error when proftpd isn't running (#246392).
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/proftpd/devel/sources,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- sources 27 Nov 2006 17:53:07 -0000 1.9
+++ sources 19 Aug 2007 16:18:30 -0000 1.10
@@ -1 +1 @@
-cc2e99f38a810982f91d5cbe1f4091f0 proftpd-1.3.0a.tar.bz2
+485af3aee9ecebfeae1ae2003250a3a9 proftpd-1.3.1rc3.tar.bz2
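Review bot: the only integrity check on the new tarball is the MD5 sum in sources, and Source0 in the spec points at a plain ftp:// URL. Before uploading, verify proftpd-1.3.1rc3.tar.bz2 against whatever signature or stronger checksum upstream publishes for it and say so in the commit message, since this update is being shipped for a security fix (CVE-2007-2165 per the changelog).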
--- proftpd-1.3.0-cmdbufsize.patch DELETED ---
--- proftpd-1.3.0-ctrls-restart.patch DELETED ---
--- proftpd-1.3.0-mod_tls.patch DELETED ---
--- proftpd-1.3.0-rpath.patch DELETED ---
--- proftpd-1.3.0a-ctrls-bug2867.patch DELETED ---
--- proftpd-1.3.0a-open.patch DELETED ---