-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 13 Nov 2011 23:17:40 +0100 Source: proftpd-dfsg Binary: proftpd-basic proftpd-dev proftpd-doc proftpd-mod-mysql proftpd-mod-pgsql proftpd-mod-ldap proftpd-mod-odbc proftpd-mod-sqlite Architecture: s390 Version: 1.3.3a-6squeeze4 Distribution: squeeze-security Urgency: low Maintainer: s390 Build Daemon (zandonai) Changed-By: Francesco Paolo Lovergine Description: proftpd-basic - Versatile, virtual-hosting FTP daemon - binaries proftpd-dev - Versatile, virtual-hosting FTP daemon - development files proftpd-doc - Versatile, virtual-hosting FTP daemon - documentation proftpd-mod-ldap - Versatile, virtual-hosting FTP daemon - LDAP module proftpd-mod-mysql - Versatile, virtual-hosting FTP daemon - MySQL module proftpd-mod-odbc - Versatile, virtual-hosting FTP daemon - ODBC module proftpd-mod-pgsql - Versatile, virtual-hosting FTP daemon - PostgreSQL module proftpd-mod-sqlite - Versatile, virtual-hosting FTP daemon - SQLite3 module Closes: 648373 Changes: proftpd-dfsg (1.3.3a-6squeeze4) stable-security; urgency=low . * [SECURITY] 3711.dpatch. This patch fixes a response pool use-after-free memory corruption error. This is CVE-2011-4130. (closes: #648373) * [SECURITY] 3624.dpatch This patch fixes the issue by causing mod_tls to clear the buffers of any data received from the client, once the SSL/TLS handshake has succeded. This is similar to CVE-2011-0411. Checksums-Sha1: 3b489bf4f470b518bd6b8acc3b33c556f937f0c1 2419570 proftpd-basic_1.3.3a-6squeeze4_s390.deb 61ac4f5d30ce7ab5e2015256aafdb10304baaadb 906804 proftpd-dev_1.3.3a-6squeeze4_s390.deb 688d1a6dfe397c3909206105c77cc4b99175c3cb 347352 proftpd-mod-mysql_1.3.3a-6squeeze4_s390.deb 1292cfdbcab2218817e3211fc103da9d556f1fae 347134 proftpd-mod-pgsql_1.3.3a-6squeeze4_s390.deb a166c523ea123ef67a335e233a206e4c406e22d1 356238 proftpd-mod-ldap_1.3.3a-6squeeze4_s390.deb f56dd205ffab9726cba3702ad405665ff720e672 348710 proftpd-mod-odbc_1.3.3a-6squeeze4_s390.deb facdf33e03888c3e57b581aa2a57f1e8e463d853 346616 proftpd-mod-sqlite_1.3.3a-6squeeze4_s390.deb Checksums-Sha256: f944d7f9a1ff703af548ff245798c763ea784cc39eb9e0bb83d45e65a8d1cb3a 2419570 proftpd-basic_1.3.3a-6squeeze4_s390.deb a110f1a09812609b71816be87a6fcc640c927720377e11f391f3db50144dc6c6 906804 proftpd-dev_1.3.3a-6squeeze4_s390.deb dd0cc59477128fdbe87e8917f4c92f28407be1c8b356ef7b7c1a139ec8c4a602 347352 proftpd-mod-mysql_1.3.3a-6squeeze4_s390.deb 20d687138507d8aed8f731da28d11373109d9aea222a412c9c4461f76eb0bcab 347134 proftpd-mod-pgsql_1.3.3a-6squeeze4_s390.deb eb8209b3f8b0b42023b28217c0d48e4def500286afefa1c28eb6605915f456fd 356238 proftpd-mod-ldap_1.3.3a-6squeeze4_s390.deb 8b9743f49cf4bd650363f9408fb6ccd3732b4bbbbcb57e6935d0a1dbf5ef9ac5 348710 proftpd-mod-odbc_1.3.3a-6squeeze4_s390.deb 02ca9614523c60ef84e3025d2c300eba50fda4e569569ca3cf1f0bfaabf882b0 346616 proftpd-mod-sqlite_1.3.3a-6squeeze4_s390.deb Files: 4e56fd00068d0ed961a40287df6c95e2 2419570 net optional proftpd-basic_1.3.3a-6squeeze4_s390.deb e51ecde3709628cd7da6154346ab2fa3 906804 net optional proftpd-dev_1.3.3a-6squeeze4_s390.deb 64502834d4b906929a11de949040b27c 347352 net optional proftpd-mod-mysql_1.3.3a-6squeeze4_s390.deb 45b4f776001703edb2c4c0b35ce6ff20 347134 net optional proftpd-mod-pgsql_1.3.3a-6squeeze4_s390.deb 74d96b35e2fb93dc1840853494d26b17 356238 net optional proftpd-mod-ldap_1.3.3a-6squeeze4_s390.deb ba42ba835f5393f18b862ae378d4d09e 348710 net optional proftpd-mod-odbc_1.3.3a-6squeeze4_s390.deb 7385182d94e4467245a515378888a3b2 346616 net optional proftpd-mod-sqlite_1.3.3a-6squeeze4_s390.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJOwE0UAAoJELWkVFx3JxH3T1wQAK1WYciiBYNnKmTtkBQyQfIW 6oL4MFLBDHfbXFUhHok7PCU5Wr1Doqt1X+p26Zn02joe+0VpCWM+kDuWqgcg6Gvc YsrqUUcd2zOr/sZgZrhPiWvdbC2CHbFmF43CBeufolasz2vbJMgPQINgMJ39LZFs Oru93ZdG8dU8859kEtPQvxS6079WnCyGqQ0qr51614k5/H5U6F6M+1RM/7FN0kqr bUOGwQwEn7ufD9K8ZT8WJj6LZxjQB9kvV+u5N69+QGqvaGF95FrNCVhZ7gUp1GL8 jrwd1fXxD3gFUGKzZDH/i37nv7/ffuq0nxhZE7MG45WKnqoW7CKWz9nsrf0puJhA UtHLvRqd5ioG7uIhVxqgxU3mc8PbcnMRsSxTQNEoY42sHyiUwUa9fXZG9y3QSDG5 k0FduqwcEzjUrK/7zAgEnaGY5rEcT+Dj1xsrU3tEN4XaafEkeOFBz7YGgtiF/pD8 UVqKBCYjqSlJVURuLkF4ZE5wKHBWa1RQxlyrYgGUHvYZKyNnIdtUP6aJHpu1h1lY YoDK9NdSePOA5rPCmrvuqQRWMtC6UlNFaJiQHReGar/mrelyERrqxzEu255N661G qq9jEbdEu7aGEFwG2IxsLgQYEL/LBwJnDii1vNGTUhkqutWXxTf0pluDmxFOJmOn +A5ISSQxf5MwK2ilzxtG =0mgM -----END PGP SIGNATURE-----