-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 13 Nov 2011 23:17:40 +0100 Source: proftpd-dfsg Binary: proftpd-basic proftpd-dev proftpd-doc proftpd-mod-mysql proftpd-mod-pgsql proftpd-mod-ldap proftpd-mod-odbc proftpd-mod-sqlite Architecture: mips Version: 1.3.3a-6squeeze4 Distribution: squeeze-security Urgency: low Maintainer: mips Build Daemon (lucatelli) Changed-By: Francesco Paolo Lovergine Description: proftpd-basic - Versatile, virtual-hosting FTP daemon - binaries proftpd-dev - Versatile, virtual-hosting FTP daemon - development files proftpd-doc - Versatile, virtual-hosting FTP daemon - documentation proftpd-mod-ldap - Versatile, virtual-hosting FTP daemon - LDAP module proftpd-mod-mysql - Versatile, virtual-hosting FTP daemon - MySQL module proftpd-mod-odbc - Versatile, virtual-hosting FTP daemon - ODBC module proftpd-mod-pgsql - Versatile, virtual-hosting FTP daemon - PostgreSQL module proftpd-mod-sqlite - Versatile, virtual-hosting FTP daemon - SQLite3 module Closes: 648373 Changes: proftpd-dfsg (1.3.3a-6squeeze4) stable-security; urgency=low . * [SECURITY] 3711.dpatch. This patch fixes a response pool use-after-free memory corruption error. This is CVE-2011-4130. (closes: #648373) * [SECURITY] 3624.dpatch This patch fixes the issue by causing mod_tls to clear the buffers of any data received from the client, once the SSL/TLS handshake has succeded. This is similar to CVE-2011-0411. Checksums-Sha1: a1f27eb7cd547093eb3579ae0d9b6d1c14fe3966 2343882 proftpd-basic_1.3.3a-6squeeze4_mips.deb 932d32f534d763f4bfbba08fec5fa556e78be876 1003002 proftpd-dev_1.3.3a-6squeeze4_mips.deb 070755cc84e7a6409c821731dbe3efdac6bbd111 346148 proftpd-mod-mysql_1.3.3a-6squeeze4_mips.deb 649a4fd0bb049b1a4912c8f158c00560e05a85d8 345950 proftpd-mod-pgsql_1.3.3a-6squeeze4_mips.deb ab00feae9e3dd47787de15a45a6f86aa55a7be81 354576 proftpd-mod-ldap_1.3.3a-6squeeze4_mips.deb 5978fd328e9ae5730a1e861528d27042d149956b 347566 proftpd-mod-odbc_1.3.3a-6squeeze4_mips.deb 715ca530475ae3034a53b5cb886129e828e2a020 345496 proftpd-mod-sqlite_1.3.3a-6squeeze4_mips.deb Checksums-Sha256: bde366b3cf0cda066737fa3ad88868af605c4e60c927fcbaee15ab1c091791e8 2343882 proftpd-basic_1.3.3a-6squeeze4_mips.deb 4a2b1239f2a35a2c497b3688697b93bc8861829ff82cf99be41e93f117ce4f18 1003002 proftpd-dev_1.3.3a-6squeeze4_mips.deb 98be30f920137e32a7eec48209f10cb3f704fbd2abfa70688e67c21b83faa7d0 346148 proftpd-mod-mysql_1.3.3a-6squeeze4_mips.deb 33e1ad883647440d87fba512539143acd4da1b3737518c79400d9e34f326852e 345950 proftpd-mod-pgsql_1.3.3a-6squeeze4_mips.deb 8f8acc180b6c70bbdf162f60decbc9e8158ed0fbe9c0f810b769e33aa5948d96 354576 proftpd-mod-ldap_1.3.3a-6squeeze4_mips.deb dbb441632f237676665f543a06609bbee2c2f077c08e478749d6a5cfcda1564d 347566 proftpd-mod-odbc_1.3.3a-6squeeze4_mips.deb d083ead9eb963213b7a8effc354b4442679bc1cc819efc3799ec7cd056eddf35 345496 proftpd-mod-sqlite_1.3.3a-6squeeze4_mips.deb Files: 9205aad7dd5fcfd16e630b4dc3d1223f 2343882 net optional proftpd-basic_1.3.3a-6squeeze4_mips.deb 902c638b3aff0964f28933c8d01fb605 1003002 net optional proftpd-dev_1.3.3a-6squeeze4_mips.deb b2b4f50aac2921a0a52326d51baad246 346148 net optional proftpd-mod-mysql_1.3.3a-6squeeze4_mips.deb 1559b7516e580623b7e1e16ff60bb271 345950 net optional proftpd-mod-pgsql_1.3.3a-6squeeze4_mips.deb e67f2c809b6634ad994e7ac2733f3987 354576 net optional proftpd-mod-ldap_1.3.3a-6squeeze4_mips.deb 888de4a69ce96188edd182defcb64801 347566 net optional proftpd-mod-odbc_1.3.3a-6squeeze4_mips.deb cfb7a2e0d15b2ea9d84d29cbb4e8c8c7 345496 net optional proftpd-mod-sqlite_1.3.3a-6squeeze4_mips.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQIcBAEBCAAGBQJOwFWcAAoJEKDBSF96Co2iA0MQAMkJZ+DjQRkYvlwCmQ3d7beU auQaFHYhSZbCF2MNbBVYQbav4jz1RMoDtACkBK6P3JXnIH2UIvRFRp9tdXcchoyc SIhlryXgckkCgmjjzSwjLHmbzjR/uO0CZA7gaoXMi/VH7F1XS5KFDj2XX0wsLMF5 b97j6qneltL0FimG6MZIubpHL7pDjHukHvJYSNUoAk2tiPgyhzIykRTwnqKA3uTL iUTyYh1rS/z/fj1iz6PMQ9rfIgsqsANNDLDmhrmFCRHk8E4eNygbSeGYUmcb9/fe E+5CL0xm1HHiH6B1OBju2YOsurAN7HS1w77yQ77k0CvMonh+KSDhNN/PvXvm4G9M Ighyw8JMrELxCVORHfUvqkeMZQjgoX1RlzPp7g+baVj7BlA4pKqpeiaUNMImkdkO NlLYLFUtsBSJiAnVkCPEqjEFlxIAsYJRaTRIH8HIUiyZsZZwlWjFZRANiOAdC8tf h7y++wXaKGzenxy015cm6Y1kAt+CedPTdOutyRzGel5nfPko42BvUk0obER5B3I1 lSQPlByTD0P4Jn7BG4++VXafEdWTUtzl3nUl9VtH9bCreSRSFb6q9Xom3DU3GcV1 8OaRmh3gCclvcuOPw0zI3Jd7YfgpZwZm88xdf/FoQltaMNcOFkNYWJpEYCtm49f/ 6P2CjlVFJmAkxejt7Gjo =61+W -----END PGP SIGNATURE-----