-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 13 Nov 2011 23:17:40 +0100 Source: proftpd-dfsg Binary: proftpd-basic proftpd-dev proftpd-doc proftpd-mod-mysql proftpd-mod-pgsql proftpd-mod-ldap proftpd-mod-odbc proftpd-mod-sqlite Architecture: powerpc Version: 1.3.3a-6squeeze4 Distribution: squeeze-security Urgency: low Maintainer: powerpc Build Daemon (porpora) Changed-By: Francesco Paolo Lovergine Description: proftpd-basic - Versatile, virtual-hosting FTP daemon - binaries proftpd-dev - Versatile, virtual-hosting FTP daemon - development files proftpd-doc - Versatile, virtual-hosting FTP daemon - documentation proftpd-mod-ldap - Versatile, virtual-hosting FTP daemon - LDAP module proftpd-mod-mysql - Versatile, virtual-hosting FTP daemon - MySQL module proftpd-mod-odbc - Versatile, virtual-hosting FTP daemon - ODBC module proftpd-mod-pgsql - Versatile, virtual-hosting FTP daemon - PostgreSQL module proftpd-mod-sqlite - Versatile, virtual-hosting FTP daemon - SQLite3 module Closes: 648373 Changes: proftpd-dfsg (1.3.3a-6squeeze4) stable-security; urgency=low . * [SECURITY] 3711.dpatch. This patch fixes a response pool use-after-free memory corruption error. This is CVE-2011-4130. (closes: #648373) * [SECURITY] 3624.dpatch This patch fixes the issue by causing mod_tls to clear the buffers of any data received from the client, once the SSL/TLS handshake has succeded. This is similar to CVE-2011-0411. Checksums-Sha1: 7d4338e853497a2a0b0aef868245030478ff27f2 2395850 proftpd-basic_1.3.3a-6squeeze4_powerpc.deb 0bea19613e835b8f0781c16e19ae7ce3fc31c87c 941464 proftpd-dev_1.3.3a-6squeeze4_powerpc.deb 23da4aed65e9fde01be0b15342a995caeb86537c 346630 proftpd-mod-mysql_1.3.3a-6squeeze4_powerpc.deb 75b02abe1420fdc42ce71f916144246c54d4ad85 346592 proftpd-mod-pgsql_1.3.3a-6squeeze4_powerpc.deb e8eb4d0fba1fec6dbd575e26dfab8fc1438003dc 356434 proftpd-mod-ldap_1.3.3a-6squeeze4_powerpc.deb 54053b51972f7fb98541859201f0b98c9e4c6e1d 348716 proftpd-mod-odbc_1.3.3a-6squeeze4_powerpc.deb f4435f75ca91d1666726ea908ab63438ba3d76bd 345710 proftpd-mod-sqlite_1.3.3a-6squeeze4_powerpc.deb Checksums-Sha256: 67396bf98cb826efbf4eb840f346aa6d0c576f7f7fc90be0257de7ba345f9912 2395850 proftpd-basic_1.3.3a-6squeeze4_powerpc.deb 2242703d400ca00ebe69a9fad4dad05815f29c66aa8e76f7a2341cc2cc021f89 941464 proftpd-dev_1.3.3a-6squeeze4_powerpc.deb a118844817ae71ab7f1b33647e493a449a508afa4df1d3db58331d23e15df3e3 346630 proftpd-mod-mysql_1.3.3a-6squeeze4_powerpc.deb 6b4453ce14cd5d3d1096483905aff3e4de4fe9598b818eaf21b02aedf8a68ad6 346592 proftpd-mod-pgsql_1.3.3a-6squeeze4_powerpc.deb b5df63decfa915f6a70f20c5a05167462f01a69abb67ae95434cb33e6ae2031a 356434 proftpd-mod-ldap_1.3.3a-6squeeze4_powerpc.deb 7194a9055dfe367db31300fdda8b09062149bf5e0954b1481d9da2399d07de81 348716 proftpd-mod-odbc_1.3.3a-6squeeze4_powerpc.deb 985834316c9084ef0b0e209c15f1712bec5aef82a77525e26dcd5bfa83a73f2d 345710 proftpd-mod-sqlite_1.3.3a-6squeeze4_powerpc.deb Files: d3a570604f982df790a66a0de41f12cd 2395850 net optional proftpd-basic_1.3.3a-6squeeze4_powerpc.deb 210f960212148d8d8cb3087bf1cd9c86 941464 net optional proftpd-dev_1.3.3a-6squeeze4_powerpc.deb 5d4f2fc962b25e9fd4e8b7dcff9257b7 346630 net optional proftpd-mod-mysql_1.3.3a-6squeeze4_powerpc.deb fd184c9f43a388821c77c9639d7fca94 346592 net optional proftpd-mod-pgsql_1.3.3a-6squeeze4_powerpc.deb 5a4f4242a8e331a5c887cd1cd00e7973 356434 net optional proftpd-mod-ldap_1.3.3a-6squeeze4_powerpc.deb 1f97723f6106339f195061924ceefdc5 348716 net optional proftpd-mod-odbc_1.3.3a-6squeeze4_powerpc.deb 3a361fb66f303c44b5938c443f0e043a 345710 net optional proftpd-mod-sqlite_1.3.3a-6squeeze4_powerpc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJOwE4jAAoJELzJGFiM510FBTgP/1ECCbbDW4DW1UM8rilIxWbG LSsakmc9eneAhIa+qK78Gf8ex40uuiV+rNI896bs8zQEfU+ZWZ0CtS4F0zZOxUjZ CxcKz6lnQGlPOpia+dCcbMT6L5quMT23Du9+PA44i2/7UZy25R4thzTCnTqp4rNk GA9zQxJcfAbypTtdiL1QDiTHgARmoOmj8+Ycz/1RX05YLzZrelPM+ApQfEvR50w6 ZEvzrZCDENIJSifj5KYS1Hsp+wyDo0+rK0dmhT46jEY0Kd/6zJEsTkMBPLQp4/GN ouYnGtM4npz7O5ijKSBkoNlF1n+lCz7eSH+XRB0rcHPXEXhjn3FC+L94hLke5xBd 9oC8vZqK0neDlsFZhOxJ+8WjJxAJPL18gY19MqpzLyw3bebeSmkUY09uiL9uwh1Z BTO2rbDhXVPpRWnu5hjXQGCV8CI4kzw9ma9CafQJCZ2deLqTBsarVbWYyIe0lddV eLKk6qF1QIxjKDHrbcGiSDOS4JXiPc1iVLVhfNcT6gUxOV1PAQDaIRUSnSqZpGu2 YNtoDBXgjADOB1kEsG/+as8TlpVWeH9vOMAdHhqDYGRQqGf9U8YNHeG4ckK5oqg5 h2jLbURvNmD5gLeZ1NFLbSTJL10qsY2ztuWyx1cmYv4GgIdIi6Zes8HPVK4nCda/ 66FM6eCtX25ea5vkVtO/ =SUbX -----END PGP SIGNATURE-----