Fedora 10 Update: proftpd-1.3.2a-5.fc10
Summary
ProFTPD is an enhanced FTP server with a focus toward simplicity, security,
and ease of configuration. It features a very Apache-like configuration
syntax, and a highly customizable server infrastructure, including support for
multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory
visibility.
This package defaults to the standalone behaviour of ProFTPD, but all the
needed scripts to have it run by xinetd instead are included.
Update Information:
This update has a large number of changes from previous Fedora packages; the highlights are as follows: - Update to upstream release 1.3.2a - Fix SQL injection vulnerability at login (#485125, CVE-2009-0542) - Fix SELinux compatibility (#498375) - Fix audit logging (#506735) - Fix default configuration (#509251) - Many new loadable modules including mod_ctrls_admin and mod_wrap2 - National Language Support (RFC 2640) - Enable/disable common features in /etc/sysconfig/proftpd
Change Log
* Mon Sep 7 2009 Paul Howarth
References
[ 1 ] Bug #485125 - CVE-2009-0542 proftpd: SQL injection during login https://bugzilla.redhat.com/show_bug.cgi?id=485125
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update proftpd' at the command line. For more information, refer to "Managing Software with yum", available at .