Hello community, here is the log from the commit of package pure-ftpd checked in at Mon Sep 15 15:52:15 CEST 2008. -------- --- pure-ftpd/pure-ftpd.changes 2008-07-22 12:20:54.000000000 +0200 +++ /mounts/work_src_done/STABLE/pure-ftpd/pure-ftpd.changes 2008-09-15 14:51:30.000000000 +0200 @@ -1,0 +2,6 @@ +Mon Sep 15 14:50:54 CEST 2008 - hvogel@suse.de + +- limit port range for passv to 30000:30100 to assist firewalling + [bnc#420671] + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pure-ftpd.spec ++++++ --- /var/tmp/diff_new_pack.s31136/_old 2008-09-15 15:52:05.000000000 +0200 +++ /var/tmp/diff_new_pack.s31136/_new 2008-09-15 15:52:05.000000000 +0200 @@ -2,9 +2,16 @@ # spec file for package pure-ftpd (Version 1.0.21) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. -# This file and all modifications and additions to the pristine -# package are under the same license as the package itself. # +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + # Please submit bugfixes or comments via http://bugs.opensuse.org/ # @@ -14,7 +21,7 @@ Name: pure-ftpd BuildRequires: mysql-devel openldap2-devel pam-devel postgresql-devel Version: 1.0.21 -Release: 154 +Release: 182 Url: http://www.pureftpd.org Source: ftp://ftp.pureftpd.org/pub/%{name}/releases/%{name}-%version.tar.bz2 Source1: %{name}.init @@ -144,6 +151,9 @@ %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%name %changelog +* Mon Sep 15 2008 hvogel@suse.de +- limit port range for passv to 30000:30100 to assist firewalling + [bnc#420671] * Mon Jul 21 2008 hvogel@suse.de - do not use tcp send/receive buffer optimization. Might lead to strange side effects when allocating too much stack. [bnc#407363] ++++++ pure-ftpd-1.0.20_config.patch ++++++ --- /var/tmp/diff_new_pack.s31136/_old 2008-09-15 15:52:05.000000000 +0200 +++ /var/tmp/diff_new_pack.s31136/_new 2008-09-15 15:52:05.000000000 +0200 @@ -1,8 +1,8 @@ Index: configuration-file/pure-ftpd.conf.in -=================================================================== ---- configuration-file/pure-ftpd.conf.in.orig +================================================================================ +--- configuration-file/pure-ftpd.conf.in +++ configuration-file/pure-ftpd.conf.in -@@ -37,7 +37,7 @@ BrokenClientsCompatibility no +@@ -37,7 +37,7 @@ # Maximum number of simultaneous users @@ -11,7 +11,7 @@ -@@ -49,7 +49,7 @@ Daemonize yes +@@ -49,7 +49,7 @@ # Maximum number of sim clients with the same IP address @@ -20,7 +20,7 @@ -@@ -59,6 +59,9 @@ MaxClientsPerIP 8 +@@ -59,6 +59,9 @@ VerboseLog no @@ -30,7 +30,7 @@ # List dot-files even when the client doesn't send "-a". -@@ -68,7 +71,7 @@ DisplayDotFiles yes +@@ -68,7 +71,7 @@ # Don't allow authenticated users - have a public anonymous FTP only. @@ -39,7 +39,7 @@ -@@ -107,23 +110,23 @@ MaxIdleTime 15 +@@ -107,23 +110,23 @@ # LDAP configuration file (see README.LDAP) @@ -67,7 +67,7 @@ # Path to pure-authd socket (see README.Authentication-Modules) -@@ -134,7 +137,7 @@ MaxIdleTime 15 +@@ -134,7 +137,7 @@ # If you want to enable PAM authentication, uncomment the following line @@ -76,7 +76,7 @@ -@@ -231,7 +234,7 @@ AntiWarez yes +@@ -231,7 +234,7 @@ # File creation mask. <umask for files>:<umask for dirs> . # 177:077 if you feel paranoid. @@ -85,7 +85,7 @@ -@@ -257,7 +260,7 @@ AllowAnonymousFXP no +@@ -257,7 +260,7 @@ # even if they own them. If TrustedGID is enabled, this group # will have access to dot-files, though. @@ -94,7 +94,7 @@ -@@ -270,13 +273,13 @@ ProhibitDotFilesRead no +@@ -270,13 +273,13 @@ # Never overwrite files. When a file whoose name already exist is uploaded, # it get automatically renamed to file.1, file.2, file.3, ... @@ -110,7 +110,7 @@ -@@ -372,7 +375,7 @@ MaxDiskUsage 99 +@@ -372,7 +375,7 @@ # Set to 'yes' if you don't want your users to rename files. @@ -119,9 +119,13 @@ -Index: pureftpd-mysql.conf -=================================================================== ---- pureftpd-mysql.conf.orig +@@ -442,3 +445,5 @@ + + # FileSystemCharset big5 + # ClientCharset big5 ++ ++PassivePortRange 30000:30100 +--- pureftpd-mysql.conf +++ pureftpd-mysql.conf @@ -19,17 +19,18 @@ @@ -147,11 +151,9 @@ # Mandatory : database to open. -Index: pureftpd-pgsql.conf -=================================================================== ---- pureftpd-pgsql.conf.orig +--- pureftpd-pgsql.conf +++ pureftpd-pgsql.conf -@@ -16,6 +16,7 @@ PGSQLPort 5432 +@@ -16,6 +16,7 @@ # PGSQLPort .s.PGSQL.5432 # Mandatory : user to bind the server as. @@ -159,4 +161,3 @@ PGSQLUser postgres # Mandatory : user password. You *must* have a password. - ++++++ pure-ftpd.firewall ++++++ --- pure-ftpd/pure-ftpd.firewall 2007-02-28 08:51:37.000000000 +0100 +++ /mounts/work_src_done/STABLE/pure-ftpd/pure-ftpd.firewall 2008-09-15 14:45:05.000000000 +0200 @@ -2,10 +2,10 @@ ## Description: Opens ports for pureftpd with broadcast allowed. # space separated list of allowed TCP ports -TCP="ftp ftp-data" +TCP="ftp 30000:30100" # space separated list of allowed UDP ports -UDP="ftp-data" +UDP="" # space separated list of allowed RPC services RPC="" ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org