Hello community,
here is the log from the commit of package pure-ftpd for openSUSE:Factory
checked in at Tue May 31 16:40:59 CEST 2011.
--------
--- pure-ftpd/pure-ftpd.changes 2011-04-11 14:04:58.000000000 +0200
+++ /mounts/work_src_done/STABLE/pure-ftpd/pure-ftpd.changes 2011-05-28 00:47:08.000000000 +0200
@@ -1,0 +2,22 @@
+Fri May 27 22:23:06 UTC 2011 - alexandre@exatati.com.br
+
+- Update to 1.0.32:
+ - Support SHA1 password hashing in MySQL and PostgreSQL backends
+ - Support for braces expansion in directory listings has been
+ disabled - Cf. CVE-2011-0418
+- Aditional changes FROM 1.0.31:
+ - Introduce --tlsciphersuite (-J) to set the list of allowed ciphers,
+ thanks to Todd Rinaldo.
+ - The -F switch has been documented in the built-in help.
+ - Shell-like escaping is now partially handled when emulating the "ls"
+ command.
+ - Use my_make_scrambled_password() instead of make_scrambled_password().
+ Suggested by Arkadiusz Miskiewicz.
+- Refresh and fix patch for [bnc#407363]:
+ - old: patch pure-ftpd-1.0.22-default_tcp_sedrcv_buffer_size.patch
+ - new: patch pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch
+- Refresh PassivePortRange patch:
+ - old: pure-ftpd-1.0.21-portrange.patch
+ - new: pure-ftpd-1.0.32-portrange.patch
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
pure-ftpd-1.0.21-portrange.patch
pure-ftpd-1.0.22-default_tcp_sedrcv_buffer_size.patch
pure-ftpd-1.0.30.tar.gz
New:
----
pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch
pure-ftpd-1.0.32-portrange.patch
pure-ftpd-1.0.32.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pure-ftpd.spec ++++++
--- /var/tmp/diff_new_pack.niK61e/_old 2011-05-31 16:40:24.000000000 +0200
+++ /var/tmp/diff_new_pack.niK61e/_new 2011-05-31 16:40:24.000000000 +0200
@@ -20,13 +20,13 @@
%define with_oes 0
Name: pure-ftpd
-Version: 1.0.30
+Version: 1.0.32
Release: 1
License: BSD3c
Summary: A Lightweight, Fast, and Secure FTP Server
Url: http://www.pureftpd.org
Group: Productivity/Networking/Ftp/Servers
-Source: ftp://ftp.pureftpd.org/pub/%{name}/releases/%{name}-%version.tar.gz
+Source: ftp://ftp.pureftpd.org/pub/%{name}/releases/%{name}-%version.tar.bz2
Source1: %{name}.init
Source2: %{name}.pamd
Source3: %{name}.xinetd
@@ -39,9 +39,10 @@
# PATCH-FEATURE-OPENSUSE %{name}-1.0.20_virtualhosts.patch -- Custom VHOST_PATH on openSUSE.
Patch2: %{name}-1.0.20_virtualhosts.patch
Patch5: %{name}-1.0.20_ftpwho_path.patch
-Patch7: %{name}-1.0.22-default_tcp_sedrcv_buffer_size.patch
-# PATCH-FEATURE-OPENSUSE %{name}-1.0.21-portrange.patch -- Add PassivePortRange to "%numpairc_switch_for".
-Patch8: %{name}-1.0.21-portrange.patch
+# PATCH-FIX-UPSTREAM %{name}-1.0.32-default_tcp_sedrcv_buffer_size.patch
+Patch7: %{name}-1.0.32-default_tcp_sedrcv_buffer_size.patch
+# PATCH-FEATURE-OPENSUSE %{name}-1.0.32-portrange.patch -- Add PassivePortRange to "%numpairc_switch_for".
+Patch8: %{name}-1.0.32-portrange.patch
# OES patches - see %with_oes
Patch100: %{name}-1.0.20-oes_remote_server.patch
Patch101: pure-ftpd-1.0.22-oes-bugfix-534424.patch
++++++ pure-ftpd-1.0.22-default_tcp_sedrcv_buffer_size.patch -> pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch ++++++
--- pure-ftpd/pure-ftpd-1.0.22-default_tcp_sedrcv_buffer_size.patch 2011-04-11 14:04:57.000000000 +0200
+++ /mounts/work_src_done/STABLE/pure-ftpd/pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch 2011-05-28 00:47:03.000000000 +0200
@@ -1,21 +1,17 @@
Index: configure
===================================================================
---- configure.orig 2010-12-30 11:42:52.000000000 +0100
-+++ configure 2011-04-11 13:55:41.566322096 +0200
-@@ -23271,163 +23271,12 @@
- echo "${ECHO_T}no" >&6; }
+--- configure.orig
++++ configure
+@@ -11160,107 +11160,12 @@ else
+ $as_echo "no" >&6; }
fi
--{ echo "$as_me:$LINENO: checking default TCP send buffer size" >&5
--echo $ECHO_N "checking default TCP send buffer size... $ECHO_C" >&6; }
--if test "$cross_compiling" = yes; then
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking default TCP send buffer size" >&5
+-$as_echo_n "checking default TCP send buffer size... " >&6; }
+-if test "$cross_compiling" = yes; then :
- CONF_TCP_SO_SNDBUF=65536
-else
-- cat >conftest.$ac_ext <<_ACEOF
--/* confdefs.h. */
--_ACEOF
--cat confdefs.h >>conftest.$ac_ext
--cat >>conftest.$ac_ext <<_ACEOF
+- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-#include
@@ -44,41 +40,17 @@
-}
-
-_ACEOF
--rm -f conftest$ac_exeext
--if { (ac_try="$ac_link"
--case "(($ac_try" in
-- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-- *) ac_try_echo=$ac_try;;
--esac
--eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
-- (eval "$ac_link") 2>&5
-- ac_status=$?
-- echo "$as_me:$LINENO: \$? = $ac_status" >&5
-- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
-- { (case "(($ac_try" in
-- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-- *) ac_try_echo=$ac_try;;
--esac
--eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
-- (eval "$ac_try") 2>&5
-- ac_status=$?
-- echo "$as_me:$LINENO: \$? = $ac_status" >&5
-- (exit $ac_status); }; }; then
+-if ac_fn_c_try_run "$LINENO"; then :
- CONF_TCP_SO_SNDBUF=`cat conftestval`
-else
-- echo "$as_me: program exited with status $ac_status" >&5
--echo "$as_me: failed program was:" >&5
--sed 's/^/| /' conftest.$ac_ext >&5
--
--( exit $ac_status )
--CONF_TCP_SO_SNDBUF=65536
+- CONF_TCP_SO_SNDBUF=65536
-fi
--rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+- conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
--
--{ echo "$as_me:$LINENO: result: $CONF_TCP_SO_SNDBUF" >&5
--echo "${ECHO_T}$CONF_TCP_SO_SNDBUF" >&6; }
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CONF_TCP_SO_SNDBUF" >&5
+-$as_echo "$CONF_TCP_SO_SNDBUF" >&6; }
-
-
cat >>confdefs.h <<_ACEOF
@@ -87,16 +59,12 @@
_ACEOF
-
--{ echo "$as_me:$LINENO: checking default TCP receive buffer size" >&5
--echo $ECHO_N "checking default TCP receive buffer size... $ECHO_C" >&6; }
--if test "$cross_compiling" = yes; then
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking default TCP receive buffer size" >&5
+-$as_echo_n "checking default TCP receive buffer size... " >&6; }
+-if test "$cross_compiling" = yes; then :
- CONF_TCP_SO_RCVBUF=65536
-else
-- cat >conftest.$ac_ext <<_ACEOF
--/* confdefs.h. */
--_ACEOF
--cat confdefs.h >>conftest.$ac_ext
--cat >>conftest.$ac_ext <<_ACEOF
+- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-#include
@@ -125,46 +93,22 @@
-}
-
-_ACEOF
--rm -f conftest$ac_exeext
--if { (ac_try="$ac_link"
--case "(($ac_try" in
-- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-- *) ac_try_echo=$ac_try;;
--esac
--eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
-- (eval "$ac_link") 2>&5
-- ac_status=$?
-- echo "$as_me:$LINENO: \$? = $ac_status" >&5
-- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
-- { (case "(($ac_try" in
-- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-- *) ac_try_echo=$ac_try;;
--esac
--eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
-- (eval "$ac_try") 2>&5
-- ac_status=$?
-- echo "$as_me:$LINENO: \$? = $ac_status" >&5
-- (exit $ac_status); }; }; then
+-if ac_fn_c_try_run "$LINENO"; then :
- CONF_TCP_SO_RCVBUF=`cat conftestval`
-else
-- echo "$as_me: program exited with status $ac_status" >&5
--echo "$as_me: failed program was:" >&5
--sed 's/^/| /' conftest.$ac_ext >&5
--
--( exit $ac_status )
--CONF_TCP_SO_RCVBUF=65536
+- CONF_TCP_SO_RCVBUF=65536
-fi
--rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+- conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
--
--{ echo "$as_me:$LINENO: result: $CONF_TCP_SO_RCVBUF" >&5
--echo "${ECHO_T}$CONF_TCP_SO_RCVBUF" >&6; }
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CONF_TCP_SO_RCVBUF" >&5
+-$as_echo "$CONF_TCP_SO_RCVBUF" >&6; }
-
-
cat >>confdefs.h <<_ACEOF
-#define CONF_TCP_SO_RCVBUF $CONF_TCP_SO_RCVBUF
-+#define CONF_TCP_SO_RCVBUF 65563
++#define CONF_TCP_SO_RCVBUF 65536
_ACEOF
++++++ pure-ftpd-1.0.21-portrange.patch -> pure-ftpd-1.0.32-portrange.patch ++++++
--- pure-ftpd/pure-ftpd-1.0.21-portrange.patch 2010-01-12 10:38:22.000000000 +0100
+++ /mounts/work_src_done/STABLE/pure-ftpd/pure-ftpd-1.0.32-portrange.patch 2011-05-28 00:47:04.000000000 +0200
@@ -2,17 +2,17 @@
===================================================================
--- configuration-file/pure-config.pl.in.orig
+++ configuration-file/pure-config.pl.in
-@@ -80,9 +80,10 @@ my %numpairb_switch_for = (
+@@ -81,9 +81,10 @@ my %numpairb_switch_for = (
);
my %numpairc_switch_for = (
-- Umask => "-U",
-- Quota => "-n",
-- PerUserLimits => "-y",
-+ Umask => "-U",
-+ Quota => "-n",
-+ PerUserLimits => "-y",
-+ PassivePortRange => "-p",
+- Umask => "-U",
+- Quota => "-n",
+- PerUserLimits => "-y",
++ Umask => "-U",
++ Quota => "-n",
++ PerUserLimits => "-y",
++ PassivePortRange => "-p",
);
my %auth_method_for = (
++++++ pure-ftpd-1.0.30.tar.gz -> pure-ftpd-1.0.32.tar.bz2 ++++++
++++ 38108 lines of diff (skipped)
++++ retrying with extended exclude list
Files old/pure-ftpd-1.0.30/._AUTHORS and new/pure-ftpd-1.0.32/._AUTHORS differ
Files old/pure-ftpd-1.0.30/._FAQ and new/pure-ftpd-1.0.32/._FAQ differ
Files old/pure-ftpd-1.0.30/._INSTALL and new/pure-ftpd-1.0.32/._INSTALL differ
Files old/pure-ftpd-1.0.30/._Makefile.in and new/pure-ftpd-1.0.32/._Makefile.in differ
Files old/pure-ftpd-1.0.30/._README and new/pure-ftpd-1.0.32/._README differ
Files old/pure-ftpd-1.0.30/._README.Authentication-Modules and new/pure-ftpd-1.0.32/._README.Authentication-Modules differ
Files old/pure-ftpd-1.0.30/._README.Donations and new/pure-ftpd-1.0.32/._README.Donations differ
Files old/pure-ftpd-1.0.30/._README.LDAP and new/pure-ftpd-1.0.32/._README.LDAP differ
Files old/pure-ftpd-1.0.30/._README.MySQL and new/pure-ftpd-1.0.32/._README.MySQL differ
Files old/pure-ftpd-1.0.30/._README.PGSQL and new/pure-ftpd-1.0.32/._README.PGSQL differ
Files old/pure-ftpd-1.0.30/._README.TLS and new/pure-ftpd-1.0.32/._README.TLS differ
Files old/pure-ftpd-1.0.30/._README.Virtual-Users and new/pure-ftpd-1.0.32/._README.Virtual-Users differ
Files old/pure-ftpd-1.0.30/._THANKS and new/pure-ftpd-1.0.32/._THANKS differ
Files old/pure-ftpd-1.0.30/._aclocal.m4 and new/pure-ftpd-1.0.32/._aclocal.m4 differ
Files old/pure-ftpd-1.0.30/._config.h.in and new/pure-ftpd-1.0.32/._config.h.in differ
Files old/pure-ftpd-1.0.30/._configure and new/pure-ftpd-1.0.32/._configure differ
Files old/pure-ftpd-1.0.30/._configure.ac and new/pure-ftpd-1.0.32/._configure.ac differ
Files old/pure-ftpd-1.0.30/._depcomp and new/pure-ftpd-1.0.32/._depcomp differ
Files old/pure-ftpd-1.0.30/._install-sh and new/pure-ftpd-1.0.32/._install-sh differ
Files old/pure-ftpd-1.0.30/._missing and new/pure-ftpd-1.0.32/._missing differ
Files old/pure-ftpd-1.0.30/._pure-ftpd.spec and new/pure-ftpd-1.0.32/._pure-ftpd.spec differ
Files old/pure-ftpd-1.0.30/._pure-ftpd.spec.in and new/pure-ftpd-1.0.32/._pure-ftpd.spec.in differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pure-ftpd-1.0.30/AUTHORS new/pure-ftpd-1.0.32/AUTHORS
--- old/pure-ftpd-1.0.30/AUTHORS 2009-12-30 23:44:26.000000000 +0100
+++ new/pure-ftpd-1.0.32/AUTHORS 2011-04-17 17:05:54.000000000 +0200
@@ -319,6 +319,10 @@
LDAP authentication through binding.
+* Todd E Rinaldino / Cpanel
+
+ -J option (set allowed ciphers for SSL/TLS).
+
* Frank DENIS aka Jedi/Sector One :
Pure-FTPd project initiator and maintainer.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pure-ftpd-1.0.30/ChangeLog new/pure-ftpd-1.0.32/ChangeLog
--- old/pure-ftpd-1.0.30/ChangeLog 2011-03-08 00:00:56.000000000 +0100
+++ new/pure-ftpd-1.0.32/ChangeLog 2011-05-02 04:31:45.000000000 +0200
@@ -1,4 +1,18 @@
+* Version 1.0.32:
+ - Support SHA1 password hashing in MySQL and PostgreSQL backends
+ - Support for braces expansion in directory listings has been
+disabled - Cf. CVE-2011-0418
+
+* Version 1.0.31:
+ - Introduce --tlsciphersuite (-J) to set the list of allowed ciphers,
+thanks to Todd Rinaldo.
+ - The -F switch has been documented in the built-in help.
+ - Shell-like escaping is now partially handled when emulating the "ls"
+command.
+ - Use my_make_scrambled_password() instead of make_scrambled_password().
+Suggested by Arkadiusz Miskiewicz.
+
* Version 1.0.30:
- Use malloc() instead of an ever-growing stack in pure-quotacheck.
Fixes quota computation on a large number of files. Problem initially
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pure-ftpd-1.0.30/NEWS new/pure-ftpd-1.0.32/NEWS
--- old/pure-ftpd-1.0.30/NEWS 2011-03-08 00:15:32.000000000 +0100
+++ new/pure-ftpd-1.0.32/NEWS 2011-05-02 04:32:00.000000000 +0200
@@ -1,4 +1,16 @@
+* Version 1.0.32:
+ - Support SHA1 password hashing in MySQL and PostgreSQL backends
+ - Support for braces expansion in directory listings has been
+disabled - Cf. CVE-2011-0418
+
+* Version 1.0.31:
+ - The list of allowed ciphers for SSL/TLS connections can now be
+specified (--tlsciphersuite / -J).
+ - Shell-like escaping is now partially handled when emulating the
+"ls" command in order to improve compatibility with legacy clients.
+ - Linking issues with MySQL support on Fedora have been solved.
+
* Version 1.0.30:
- pure-quotacheck can now work with a large number of files.
- OPTS UTF-8 is now an alias to OPTS UTF8.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/pure-ftpd-1.0.30/README new/pure-ftpd-1.0.32/README
--- old/pure-ftpd-1.0.30/README 2011-01-23 00:54:35.000000000 +0100
+++ new/pure-ftpd-1.0.32/README 2011-05-02 03:22:54.000000000 +0200
@@ -1,6 +1,6 @@
.:. PURE-FTPD .:.
- Documentation for version 1.0.30
+ Documentation for version 1.0.32
------------------------ BLURB ------------------------
@@ -750,6 +750,10 @@
because with that feature, he'll be able to create/chown directories anywhere
on the server's filesystem.
+- '-J <ciphers>': Sets the list of ciphers that will be accepted for
+SSL/TLS connections.
+For example: -J HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
+
- '-k <percentage>': Don't allow uploads if the partition is more than
<percentage>% full. For instance, "-k 95" will ensure your disks will never
get filled more than 95% by FTP. No need for the "percent" sign after the
@@ -1007,6 +1011,7 @@
-i --anonymouscantupload
-I --maxidletime