September 2, 2009

Fedora 10 Security Update: proftpd-1.3.2a-4.fc10

Article Source Fedora 10 Security Updates
September 2, 2009, 5:10 pm

Resolved Bugs
509251 - Canned /etc/proftpd.conf contains certain commands in "server config" instead of context
485130 - proftpd: SQL injection during login [Fedora 10]
485125 - CVE-2009-0542 proftpd: SQL injection during login

This update has a large number of changes from previous Fedora packages; the highlights are as follows:
- Update to upstream release 1.3.2a
- Fix SQL injection vulnerability at login (#485125, CVE-2009-0542)
- Fix SELinux compatibility (#498375)
- Fix audit logging (#506735)
- Fix default configuration (#509251)
- Many new loadable modules including mod_ctrls_admin and mod_wrap2
- National Language Support (RFC 2640)
- Enable/disable common features in /etc/sysconfig/proftpd...

Read More

Click Here!