-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 13 Nov 2011 23:17:40 +0100 Source: proftpd-dfsg Binary: proftpd-basic proftpd-dev proftpd-doc proftpd-mod-mysql proftpd-mod-pgsql proftpd-mod-ldap proftpd-mod-odbc proftpd-mod-sqlite Architecture: armel Version: 1.3.3a-6squeeze4 Distribution: squeeze-security Urgency: low Maintainer: armel Build Daemon (alwyn) Changed-By: Francesco Paolo Lovergine Description: proftpd-basic - Versatile, virtual-hosting FTP daemon - binaries proftpd-dev - Versatile, virtual-hosting FTP daemon - development files proftpd-doc - Versatile, virtual-hosting FTP daemon - documentation proftpd-mod-ldap - Versatile, virtual-hosting FTP daemon - LDAP module proftpd-mod-mysql - Versatile, virtual-hosting FTP daemon - MySQL module proftpd-mod-odbc - Versatile, virtual-hosting FTP daemon - ODBC module proftpd-mod-pgsql - Versatile, virtual-hosting FTP daemon - PostgreSQL module proftpd-mod-sqlite - Versatile, virtual-hosting FTP daemon - SQLite3 module Closes: 648373 Changes: proftpd-dfsg (1.3.3a-6squeeze4) stable-security; urgency=low . * [SECURITY] 3711.dpatch. This patch fixes a response pool use-after-free memory corruption error. This is CVE-2011-4130. (closes: #648373) * [SECURITY] 3624.dpatch This patch fixes the issue by causing mod_tls to clear the buffers of any data received from the client, once the SSL/TLS handshake has succeded. This is similar to CVE-2011-0411. Checksums-Sha1: c3ee148b97a40cc64112ffa888c1e3261cd10d76 2372768 proftpd-basic_1.3.3a-6squeeze4_armel.deb 036dfa1b16a55e6bda2a6c239ee273ffaa7e00ba 842202 proftpd-dev_1.3.3a-6squeeze4_armel.deb 35dec4a0f669f70be84b9c10a121646b34a36af8 345952 proftpd-mod-mysql_1.3.3a-6squeeze4_armel.deb b1188a85220d2e88aca4d329c7e03770dc3f2b8a 345956 proftpd-mod-pgsql_1.3.3a-6squeeze4_armel.deb 8e350fe3a0446549cc717af1e87f1f4f77e8e839 355246 proftpd-mod-ldap_1.3.3a-6squeeze4_armel.deb ab63c6a3b99a50c6abdf68c48d57ccd5509d8f9a 348896 proftpd-mod-odbc_1.3.3a-6squeeze4_armel.deb 4e9c6eed2b5066f12f1cd21bee3e7e4db25141cc 345318 proftpd-mod-sqlite_1.3.3a-6squeeze4_armel.deb Checksums-Sha256: 71bb011f61c7e1edb1b1e6c318c3029b09c3c26fd2ff64bcd55d14c460b1da02 2372768 proftpd-basic_1.3.3a-6squeeze4_armel.deb 1ec18e0b976560dff9c6f4b1f4dfc71eb4b09234f7f324240fc62ddfa60d2641 842202 proftpd-dev_1.3.3a-6squeeze4_armel.deb 42fec30acc6b85867cc02094ea76ea753f722740c4fb68062655fd947e5b4fc9 345952 proftpd-mod-mysql_1.3.3a-6squeeze4_armel.deb ad3f1bb705702233610324a8513c10971c890e082e2579801d694456b7e9a384 345956 proftpd-mod-pgsql_1.3.3a-6squeeze4_armel.deb 2bbd5a7cf3ad156ed3d99b287709548857f31a9c32bb80a86afe892666ac48f5 355246 proftpd-mod-ldap_1.3.3a-6squeeze4_armel.deb 72ebbab703fb0b8e79c87ac801941a54cb61d7c4b1daa8dd0c0d0e345c5fc485 348896 proftpd-mod-odbc_1.3.3a-6squeeze4_armel.deb 22a0f9abfddbd4490db241fe35d22f9439a96fea07787f071ae1011e42bef87d 345318 proftpd-mod-sqlite_1.3.3a-6squeeze4_armel.deb Files: cabb187d2e598d380f7de660ae8ab0ad 2372768 net optional proftpd-basic_1.3.3a-6squeeze4_armel.deb 9c04bd39338038fe4230c41431c3ef37 842202 net optional proftpd-dev_1.3.3a-6squeeze4_armel.deb 69a802429222bb5629a27030457813bd 345952 net optional proftpd-mod-mysql_1.3.3a-6squeeze4_armel.deb b6bd9647419f4ca6c24f49c6c8ab7879 345956 net optional proftpd-mod-pgsql_1.3.3a-6squeeze4_armel.deb fdef431068a03b0174f57cc34a8073fb 355246 net optional proftpd-mod-ldap_1.3.3a-6squeeze4_armel.deb 89f9b66bf5782b51d809382997eb807b 348896 net optional proftpd-mod-odbc_1.3.3a-6squeeze4_armel.deb 4ad2d34614dbfec354f641aaab241c26 345318 net optional proftpd-mod-sqlite_1.3.3a-6squeeze4_armel.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJOwFKFAAoJEBRVXZHoMsNVof8P/2F8MLt+uamlxOalydnk5jXi z7tdsp9Lbhgjj6fnBMRBlJ+wndoJM1uy0EOT5Kf6s39bL/8uKT8O0nUzbAcBPPhc RPpH/niOnUx3pRungf75eljlE8H7Fc9HQ7NZXJ8suYE1pULvzbIyCB2HCAmc1xQj XGarKlKU1NVq39dPR7obuFtaPUolUR1tNQKM5w7ugYsrYX3qC6gZTGjfNEdLIG/G GzZ15HyYToxM/yFoNfKzDiA7WeEbz/XRP0h6fpkPaY41A7Fm9xvOFyN51+EGp/Z5 v8TyLO4lp9oXP0uByFgqm4lsXVp7bV9l6if4sxWlZ8PufQSXBlOgbjqtcyZv27qE aLa8BfB7DPm90if3E3jj03vuzG0SEMBCLXcp/VvKc1oAHJEDLrlJoclbbAiZoFyY k+BjX+T/Od1kItHbi9getTzILUpODbI2tC0I8vYLKHd6G7GsCSafma1bhoJmiTwH bqIQ6HbSJQ5lPw4A/LURw7fWpowqwmIMxrL/a6pbhVxSIyQqVob0bZ54kKrsSbBJ FR5pHdgPpn4tCRZK4Qob58vgS7ldm1KmUsdJGELQT8ms/10osCDvgsaKpU5boyi/ KMVg7XjNewgckXGlYWCeXTmlt1iKCX550haBeXm8J7suI25Q9CNrUvdNLYiaS/wL sI7R6dxa6A8HfgSLdMi+ =nhIr -----END PGP SIGNATURE-----