Hi Geoff

an update for the spec file was submitted on 2010-11-16 10:11:43. We
are just wating for the rebuild but dag is very busy so if you need it
_now_ you should rebuild it from the spec yourself.

Regards
Chris

Please see the archive for Proftpd Vulnerability on this list.

The spec file has been set, so now waiting for the rpm to be built.

Regards,

Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.repoforge.org/pipermail/users/attachments/20101118/7ab1ac08/attachment.html

Good day,

Is proftpd 1.3.3c in the pipeline by any chance? A stack overflow has been discovered in the previous recent versions:

http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3c

http://bugs.proftpd.org/show_bug.cgi?id=3521

Thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.repoforge.org/pipermail/users/attachments/20101118/68e06e2f/attachment-0001.html

Hi Geoff

an update for the spec file was submitted on 2010-11-16 10:11:43. We
are just wating for the rebuild but dag is very busy so if you need it
_now_ you should rebuild it from the spec yourself.

Regards
Chris

Please see the archive for Proftpd Vulnerability on this list.

The spec file has been set, so now waiting for the rpm to be built.

Regards,

Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.repoforge.org/pipermail/users/attachments/20101118/7ab1ac08/attachment-0001.html

Good day,

Is proftpd 1.3.3c in the pipeline by any chance? A stack overflow has been discovered in the previous recent versions:

http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3c

http://bugs.proftpd.org/show_bug.cgi?id=3521

Thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.repoforge.org/pipermail/users/attachments/20101118/68e06e2f/attachment-0002.html

Hi Geoff

an update for the spec file was submitted on 2010-11-16 10:11:43. We
are just wating for the rebuild but dag is very busy so if you need it
_now_ you should rebuild it from the spec yourself.

Regards
Chris

Please see the archive for Proftpd Vulnerability on this list.

The spec file has been set, so now waiting for the rpm to be built.

Regards,

Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.repoforge.org/pipermail/users/attachments/20101118/7ab1ac08/attachment-0002.html

Good day,

Is proftpd 1.3.3c in the pipeline by any chance? A stack overflow has been discovered in the previous recent versions:

http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3c

http://bugs.proftpd.org/show_bug.cgi?id=3521

Thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.repoforge.org/pipermail/users/attachments/20101118/68e06e2f/attachment-0003.html

Hi Geoff

an update for the spec file was submitted on 2010-11-16 10:11:43. We
are just wating for the rebuild but dag is very busy so if you need it
_now_ you should rebuild it from the spec yourself.

Regards
Chris

Please see the archive for Proftpd Vulnerability on this list.

The spec file has been set, so now waiting for the rpm to be built.

Regards,

Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.repoforge.org/pipermail/users/attachments/20101118/7ab1ac08/attachment-0003.html

Good day,

Is proftpd 1.3.3c in the pipeline by any chance? A stack overflow has been discovered in the previous recent versions:

http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3c

http://bugs.proftpd.org/show_bug.cgi?id=3521

Thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.repoforge.org/pipermail/users/attachments/20101118/68e06e2f/attachment-0004.html>

Hi Geoff

an update for the spec file was submitted on 2010-11-16 10:11:43. We
are just wating for the rebuild but dag is very busy so if you need it
_now_ you should rebuild it from the spec yourself.

Regards
Chris

Please see the archive for Proftpd Vulnerability on this list.

The spec file has been set, so now waiting for the rpm to be built.

Regards,

Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.repoforge.org/pipermail/users/attachments/20101118/7ab1ac08/attachment-0004.html>

That's hilarious! I think ProFTPD should finally switch over to vsftpd
for their mirrors. Anyone to check the md5 from the SRPM (just in case)?
ftp.proftpd.org compromised
[01/Dec/2010]

The ProFTPD Project team is sorry to announce that the Project's main
FTP server, as well as all of the mirror servers, have carried
compromised versions of the ProFTPD 1.3.3c source code, from the
November 28 2010 to December 2 2010. All users who run versions of
ProFTPD which have been downloaded and compiled in this time window are
strongly advised to check their systems for security compromises and
install unmodified versions of ProFTPD.

To verify the integrity of your source files, use the PGP signatures
which can be found here as well as on the FTP servers.

The source code in CVS was not affected.
1.3.3c released
[29/Oct/2010]

The ProFTPD Project team has released 1.3.3c to the community. This is
an important security release, containing fixes for a Telnet IAC
handling vulnerability and a directory traversal vulnerability in the
mod_site_misc module. The RELEASE_NOTES and NEWS files contain the full
details.

That's hilarious! I think ProFTPD should finally switch over to vsftpd
for their mirrors. Anyone to check the md5 from the SRPM (just in case)?
ftp.proftpd.org compromised
[01/Dec/2010]

The ProFTPD Project team is sorry to announce that the Project's main
FTP server, as well as all of the mirror servers, have carried
compromised versions of the ProFTPD 1.3.3c source code, from the
November 28 2010 to December 2 2010. All users who run versions of
ProFTPD which have been downloaded and compiled in this time window are
strongly advised to check their systems for security compromises and
install unmodified versions of ProFTPD.

To verify the integrity of your source files, use the PGP signatures
which can be found here as well as on the FTP servers.

The source code in CVS was not affected.
1.3.3c released
[29/Oct/2010]

The ProFTPD Project team has released 1.3.3c to the community. This is
an important security release, containing fixes for a Telnet IAC
handling vulnerability and a directory traversal vulnerability in the
mod_site_misc module. The RELEASE_NOTES and NEWS files contain the full
details.

That's hilarious! I think ProFTPD should finally switch over to vsftpd
for their mirrors. Anyone to check the md5 from the SRPM (just in case)?
ftp.proftpd.org compromised
[01/Dec/2010]

The ProFTPD Project team is sorry to announce that the Project's main
FTP server, as well as all of the mirror servers, have carried
compromised versions of the ProFTPD 1.3.3c source code, from the
November 28 2010 to December 2 2010. All users who run versions of
ProFTPD which have been downloaded and compiled in this time window are
strongly advised to check their systems for security compromises and
install unmodified versions of ProFTPD.

To verify the integrity of your source files, use the PGP signatures
which can be found here as well as on the FTP servers.

The source code in CVS was not affected.
1.3.3c released
[29/Oct/2010]

The ProFTPD Project team has released 1.3.3c to the community. This is
an important security release, containing fixes for a Telnet IAC
handling vulnerability and a directory traversal vulnerability in the
mod_site_misc module. The RELEASE_NOTES and NEWS files contain the full
details.

That's hilarious! I think ProFTPD should finally switch over to vsftpd
for their mirrors. Anyone to check the md5 from the SRPM (just in case)?
ftp.proftpd.org compromised
[01/Dec/2010]

The ProFTPD Project team is sorry to announce that the Project's main
FTP server, as well as all of the mirror servers, have carried
compromised versions of the ProFTPD 1.3.3c source code, from the
November 28 2010 to December 2 2010. All users who run versions of
ProFTPD which have been downloaded and compiled in this time window are
strongly advised to check their systems for security compromises and
install unmodified versions of ProFTPD.

To verify the integrity of your source files, use the PGP signatures
which can be found here as well as on the FTP servers.

The source code in CVS was not affected.
1.3.3c released
[29/Oct/2010]

The ProFTPD Project team has released 1.3.3c to the community. This is
an important security release, containing fixes for a Telnet IAC
handling vulnerability and a directory traversal vulnerability in the
mod_site_misc module. The RELEASE_NOTES and NEWS files contain the full
details.

That's hilarious! I think ProFTPD should finally switch over to vsftpd
for their mirrors. Anyone to check the md5 from the SRPM (just in case)?
ftp.proftpd.org compromised
[01/Dec/2010]

The ProFTPD Project team is sorry to announce that the Project's main
FTP server, as well as all of the mirror servers, have carried
compromised versions of the ProFTPD 1.3.3c source code, from the
November 28 2010 to December 2 2010. All users who run versions of
ProFTPD which have been downloaded and compiled in this time window are
strongly advised to check their systems for security compromises and
install unmodified versions of ProFTPD.

To verify the integrity of your source files, use the PGP signatures
which can be found here as well as on the FTP servers.

The source code in CVS was not affected.
1.3.3c released
[29/Oct/2010]

The ProFTPD Project team has released 1.3.3c to the community. This is
an important security release, containing fixes for a Telnet IAC
handling vulnerability and a directory traversal vulnerability in the
mod_site_misc module. The RELEASE_NOTES and NEWS files contain the full
details.