Created
February 10, 2013 17:39
-
-
Save anonymous/4750374 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Use certs in %%{_sysconfdir}/pki/tls/certs if/available (FC4, RHEL5 onwards) | |
| %global use_pki %(if [ -d %{_sysconfdir}/pki/tls/certs ]; then echo 1; else echo 0; fi) | |
| %if %{use_pki} | |
| %global pkidir %{_sysconfdir}/pki/tls | |
| %else | |
| %global pkidir %{_datadir}/ssl | |
| %endif | |
| #global prever rc4 | |
| %global rpmrel 2 | |
| Summary: Flexible, stable and highly-configurable FTP server | |
| Name: proftpd | |
| Version: 1.3.5rc1 | |
| Release: %{?prever:0.}%{rpmrel}%{?prever:.%{prever}}%{?dist} | |
| License: GPLv2+ | |
| Group: System Environment/Daemons | |
| URL: http://www.proftpd.org/ | |
| Source0: ftp://ftp.proftpd.org/distrib/source/proftpd-%{version}%{?prever}.tar.bz2 | |
| Source1: proftpd.conf | |
| Source2: proftpd.init | |
| Source3: proftpd-xinetd | |
| Source4: proftpd.logrotate | |
| Source5: proftpd-welcome.msg | |
| Source6: proftpd.pam | |
| Source9: proftpd.sysconfig | |
| Source10: http://www.castaglia.org/proftpd/modules/proftpd-mod-vroot-0.9.2.tar.gz | |
| # Source11: http://www.castaglia.org/proftpd/modules/proftpd-mod-geoip-0.2.tar.gz | |
| Source11: proftpd-tmpfs.conf | |
| # Patch0: proftpd-1.3.3g-bug3841.patch | |
| # Patch1: proftpd-mod-vroot-0.9.2-bug3841.patch | |
| BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root | |
| Requires(post): /sbin/chkconfig | |
| Requires(preun): /sbin/service, /sbin/chkconfig, coreutils, findutils | |
| Requires(postun): /sbin/service | |
| # Need systemd-units for ownership of /etc/tmpfiles.d directory | |
| %if 0%{?fedora} > 14 | |
| Requires: systemd-units | |
| %endif | |
| BuildRequires: pam-devel, ncurses-devel, pkgconfig, gettext, zlib-devel | |
| BuildRequires: openssl-devel, libacl-devel, libcap-devel, /usr/include/tcpd.h | |
| BuildRequires: openldap-devel, mysql-devel, postgresql-devel, GeoIP-devel | |
| Provides: ftpserver | |
| %description | |
| ProFTPD is an enhanced FTP server with a focus toward simplicity, security, | |
| and ease of configuration. It features a very Apache-like configuration | |
| syntax, and a highly customizable server infrastructure, including support for | |
| multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory | |
| visibility. | |
| This package defaults to the standalone behavior of ProFTPD, but all the | |
| needed scripts to have it run by xinetd instead are included. | |
| %package ldap | |
| Summary: Module to add LDAP support to the ProFTPD FTP server | |
| Group: System Environment/Daemons | |
| Requires: %{name} = %{version}-%{release} | |
| %description ldap | |
| Module to add LDAP support to the ProFTPD FTP server. | |
| %package mysql | |
| Summary: Module to add MySQL support to the ProFTPD FTP server | |
| Group: System Environment/Daemons | |
| Requires: %{name} = %{version}-%{release} | |
| %description mysql | |
| Module to add MySQL support to the ProFTPD FTP server. | |
| %package postgresql | |
| Summary: Module to add PostgreSQL support to the ProFTPD FTP server | |
| Group: System Environment/Daemons | |
| Requires: %{name} = %{version}-%{release} | |
| %description postgresql | |
| Module to add PostgreSQL support to the ProFTPD FTP server. | |
| %prep | |
| %setup -q -n %{name}-%{version}%{?prever} -a 10 | |
| # Copy mod_vroot source and documentation into place | |
| cp -p mod_vroot/mod_vroot.c contrib/ | |
| cp -p mod_vroot/mod_vroot.html doc/contrib/ | |
| # # Copy mod_geoip source and documentation into place | |
| # cp -p mod_geoip/mod_geoip.c contrib/ | |
| # cp -p mod_geoip/mod_geoip.html doc/contrib/ | |
| # Avoid documentation name conflicts | |
| mv contrib/README contrib/README.contrib | |
| # Fix possible symlink race when applying UserOwner to newly created directory | |
| # (CVE-2012-6095, #892715, http://bugs.proftpd.org/show_bug.cgi?id=3841) | |
| # %patch0 | |
| # %patch1 | |
| # Set up directory names in config file | |
| sed -e 's#@PKIDIR@#%{pkidir}#g' \ | |
| %{SOURCE1} > proftpd.conf | |
| # Avoid docfile dependencies | |
| chmod -x contrib/xferstats.holger-preiss | |
| # PAM Configuration: | |
| # Default PAM configuration file uses password-auth common config; | |
| # revert to system-auth if password-auth is not available | |
| cp -p %{SOURCE6} . | |
| if [ ! -f /etc/pam.d/password-auth ]; then | |
| sed -i -e s/password-auth/system-auth/ proftpd.pam | |
| fi | |
| # The "include" syntax used in our PAM configuration file was introduced in | |
| # PAM 0.78 and is therefore supported in FC-5 and EL-5 onwards; older | |
| # distributions such as EL-4 (PAM 0.77) need to fall back to using the | |
| # now-deprecated pam_stack module. Since the pam-devel package doesn't | |
| # include a pkgconfig file from which we could check the version number, we | |
| # instead check for the absence of the file /etc/pam.d/config-util, which is | |
| # present in all PAM packages from 0.80 onwards and acts as a useful | |
| # indicator of the need to fall back to pam_stack. | |
| [ ! -f /etc/pam.d/config-util ] && sed -i -e \ | |
| 's/include[[:space:]]*system-auth/required'\ \ \ \ \ 'pam_stack.so service=system-auth/' \ | |
| proftpd.pam | |
| # Fix character encoding in docs | |
| for f in ChangeLog; do | |
| iconv -f iso-8859-1 -t utf-8 < ${f} > ${f}.utf-8 | |
| mv -f ${f}.utf-8 ${f} | |
| done | |
| %build | |
| # Modules to be built as DSO's (excluding mod_ifsession, always specified last) | |
| SMOD1=mod_sql:mod_sql_passwd:mod_sql_mysql:mod_sql_postgres | |
| SMOD2=mod_quotatab:mod_quotatab_file:mod_quotatab_ldap:mod_quotatab_radius:mod_quotatab_sql | |
| SMOD3=mod_ldap:mod_ban:mod_wrap:mod_ctrls_admin:mod_facl:mod_load | |
| SMOD4=mod_radius:mod_ratio:mod_rewrite:mod_site_misc:mod_exec:mod_shaper:mod_geoip | |
| SMOD5=mod_wrap2:mod_wrap2_file:mod_wrap2_sql | |
| SMOD6=mod_sftp:mod_sftp_pam:mod_sftp_sql:mod_tls_shmcache | |
| %configure \ | |
| --libexecdir="%{_libexecdir}/proftpd" \ | |
| --localstatedir="%{_localstatedir}/run/proftpd" \ | |
| --disable-strip \ | |
| --enable-ctrls \ | |
| --enable-dso \ | |
| --enable-facl \ | |
| --enable-ipv6 \ | |
| --enable-nls \ | |
| --enable-openssl \ | |
| --enable-shadow \ | |
| --with-libraries="%{_libdir}/mysql" \ | |
| --with-includes="%{_includedir}/mysql" \ | |
| --with-modules=mod_readme:mod_auth_pam:mod_tls:mod_vroot \ | |
| --with-shared=${SMOD1}:${SMOD2}:${SMOD3}:${SMOD4}:${SMOD5}:${SMOD6}:mod_ifsession | |
| make %{?_smp_mflags} CFLAGS="%{optflags} -fno-strict-aliasing" | |
| %install | |
| rm -rf %{buildroot} | |
| make install DESTDIR=%{buildroot} \ | |
| rundir="%{_localstatedir}/run/proftpd" \ | |
| INSTALL_USER=`id -un` \ | |
| INSTALL_GROUP=`id -gn` | |
| install -D -p -m 640 proftpd.conf %{buildroot}%{_sysconfdir}/proftpd.conf | |
| install -D -p -m 644 proftpd.pam %{buildroot}%{_sysconfdir}/pam.d/proftpd | |
| install -D -p -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/rc.d/init.d/proftpd | |
| install -D -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/xinetd.d/xproftpd | |
| install -D -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/logrotate.d/proftpd | |
| install -D -p -m 644 %{SOURCE5} %{buildroot}%{_localstatedir}/ftp/welcome.msg | |
| install -D -p -m 644 %{SOURCE9} %{buildroot}%{_sysconfdir}/sysconfig/proftpd | |
| mkdir -p %{buildroot}%{_localstatedir}/{ftp/{pub,uploads},log/proftpd} | |
| touch %{buildroot}%{_sysconfdir}/ftpusers | |
| # Make sure /var/run/proftpd exists at boot time for systems | |
| # with /var/run on tmpfs (#656675) | |
| %if 0%{?fedora} > 14 | |
| install -d -m 755 %{buildroot}%{_sysconfdir}/tmpfiles.d | |
| install -p -m 644 %{SOURCE11} %{buildroot}%{_sysconfdir}/tmpfiles.d/proftpd.conf | |
| %endif | |
| # Find translations | |
| %find_lang proftpd | |
| %clean | |
| rm -rf %{buildroot} | |
| %post | |
| if [ $1 -eq 1 ]; then | |
| /sbin/chkconfig --add proftpd | |
| IFS=":"; cat /etc/passwd | \ | |
| while { read username nu nu gid nu nu nu nu; }; do \ | |
| if [ $gid -lt 100 -a "$username" != "ftp" ]; then | |
| echo $username >> %{_sysconfdir}/ftpusers | |
| fi | |
| done | |
| fi | |
| %preun | |
| if [ $1 -eq 0 ]; then | |
| /sbin/service proftpd stop &>/dev/null || : | |
| /sbin/chkconfig --del proftpd || : | |
| /sbin/service xinetd reload &>/dev/null || : | |
| find %{_localstatedir}/run/proftpd -depth -mindepth 1 | | |
| xargs rm -rf &>/dev/null || : | |
| fi | |
| %postun | |
| if [ $1 -ge 1 ]; then | |
| /sbin/service proftpd condrestart &>/dev/null || : | |
| fi | |
| %files -f proftpd.lang | |
| %doc COPYING CREDITS ChangeLog NEWS README | |
| %doc README.DSO README.modules README.IPv6 README.PAM | |
| %doc README.capabilities README.classes README.controls README.facl | |
| %doc contrib/README.contrib contrib/README.ratio | |
| %doc doc/* sample-configurations/ contrib/xferstats.holger-preiss | |
| %dir %{_localstatedir}/ftp/ | |
| %dir %{_localstatedir}/ftp/pub/ | |
| %dir %{_localstatedir}/run/proftpd/ | |
| %config(noreplace) %{_localstatedir}/ftp/welcome.msg | |
| %config(noreplace) %{_sysconfdir}/blacklist.dat | |
| %config(noreplace) %{_sysconfdir}/dhparams.pem | |
| %config(noreplace) %{_sysconfdir}/ftpusers | |
| %config(noreplace) %{_sysconfdir}/logrotate.d/proftpd | |
| %config(noreplace) %{_sysconfdir}/pam.d/proftpd | |
| %config(noreplace) %{_sysconfdir}/proftpd.conf | |
| %config(noreplace) %{_sysconfdir}/sysconfig/proftpd | |
| %config(noreplace) %{_sysconfdir}/xinetd.d/xproftpd | |
| %{_sysconfdir}/rc.d/init.d/proftpd | |
| %if 0%{?fedora} > 14 | |
| %{_sysconfdir}/tmpfiles.d/proftpd.conf | |
| %endif | |
| %{_bindir}/ftpcount | |
| %{_bindir}/ftpdctl | |
| %{_bindir}/ftptop | |
| %{_bindir}/ftpwho | |
| %exclude %{_bindir}/prxs | |
| %{_sbindir}/ftpscrub | |
| %{_sbindir}/ftpshut | |
| %{_sbindir}/in.proftpd | |
| %{_sbindir}/proftpd | |
| %{_mandir}/man1/ftpcount.1* | |
| %{_mandir}/man1/ftptop.1* | |
| %{_mandir}/man1/ftpwho.1* | |
| %{_mandir}/man5/xferlog.5* | |
| %{_mandir}/man8/ftpdctl.8* | |
| %{_mandir}/man8/ftpscrub.8* | |
| %{_mandir}/man8/ftpshut.8* | |
| %{_mandir}/man8/proftpd.8* | |
| %exclude %{_includedir}/proftpd/ | |
| %exclude %{_libdir}/pkgconfig/ | |
| %dir %{_libexecdir}/proftpd/ | |
| %{_libexecdir}/proftpd/mod_ban.so | |
| %{_libexecdir}/proftpd/mod_ctrls_admin.so | |
| %{_libexecdir}/proftpd/mod_exec.so | |
| %{_libexecdir}/proftpd/mod_facl.so | |
| %{_libexecdir}/proftpd/mod_geoip.so | |
| %{_libexecdir}/proftpd/mod_ifsession.so | |
| %{_libexecdir}/proftpd/mod_load.so | |
| %{_libexecdir}/proftpd/mod_quotatab.so | |
| %{_libexecdir}/proftpd/mod_quotatab_file.so | |
| %{_libexecdir}/proftpd/mod_quotatab_radius.so | |
| %{_libexecdir}/proftpd/mod_quotatab_sql.so | |
| %{_libexecdir}/proftpd/mod_radius.so | |
| %{_libexecdir}/proftpd/mod_ratio.so | |
| %{_libexecdir}/proftpd/mod_rewrite.so | |
| %{_libexecdir}/proftpd/mod_sftp.so | |
| %{_libexecdir}/proftpd/mod_sftp_pam.so | |
| %{_libexecdir}/proftpd/mod_sftp_sql.so | |
| %{_libexecdir}/proftpd/mod_shaper.so | |
| %{_libexecdir}/proftpd/mod_site_misc.so | |
| %{_libexecdir}/proftpd/mod_sql.so | |
| %{_libexecdir}/proftpd/mod_sql_passwd.so | |
| %{_libexecdir}/proftpd/mod_tls_shmcache.so | |
| %{_libexecdir}/proftpd/mod_wrap.so | |
| %{_libexecdir}/proftpd/mod_wrap2.so | |
| %{_libexecdir}/proftpd/mod_wrap2_file.so | |
| %{_libexecdir}/proftpd/mod_wrap2_sql.so | |
| %exclude %{_libexecdir}/proftpd/*.a | |
| %exclude %{_libexecdir}/proftpd/*.la | |
| %attr(331, ftp, ftp) %dir %{_localstatedir}/ftp/uploads/ | |
| %attr(750, root, root) %dir %{_localstatedir}/log/proftpd/ | |
| %files ldap | |
| %doc README.LDAP contrib/mod_quotatab_ldap.ldif contrib/mod_quotatab_ldap.schema | |
| %{_libexecdir}/proftpd/mod_ldap.so | |
| %{_libexecdir}/proftpd/mod_quotatab_ldap.so | |
| %files mysql | |
| %{_libexecdir}/proftpd/mod_sql_mysql.so | |
| %files postgresql | |
| %{_libexecdir}/proftpd/mod_sql_postgres.so | |
| %changelog | |
| * Fri Jan 18 2013 Paul Howarth <paul@city-fan.org> 1.3.3g-2 | |
| - Fix possible symlink race when applying UserOwner to newly created directory | |
| (CVE-2012-6095, #892715, http://bugs.proftpd.org/show_bug.cgi?id=3841) | |
| - Add -fno-strict-aliasing, needed for mod_radius | |
| - Drop %%defattr, redundant since rpm 4.4 | |
| * Thu Nov 10 2011 Paul Howarth <paul@city-fan.org> 1.3.3g-1 | |
| - Update to 1.3.3g, fixing the following bugs: | |
| - ProFTPD with mod_sql_mysql dies of "Alarm clock" on FreeBSD (bug 3702) | |
| - Enable OpenSSL countermeasure against SSLv3/TLSv1 BEAST attacks (bug 3704); | |
| to disable this countermeasure, which may cause interoperability issues | |
| with some clients, use the NoEmptyFragments TLSOption | |
| - Response pool use-after-free memory corruption error | |
| (bug 3711, #752812, ZDI-CAN-1420, CVE-2011-4130) | |
| * Tue Sep 27 2011 Paul Howarth <paul@city-fan.org> 1.3.3f-1 | |
| - Update to 1.3.3f, fixing a large number of bugs reported upstream: | |
| - Avoid spinning proftpd process if read(2) returns EAGAIN (bug 3639) | |
| - Segfault seen in mod_sql_mysql if "SQLAuthenticate groupsetfast" used | |
| (bug 3642) | |
| - Disable signal handling for exiting session processes (bug 3644) | |
| - TCPAccessSyslogLevel directive broken by Bug#3317 (bug 3652) | |
| - TLSVerifyOrder directive is broken (bug 3658) | |
| - Segmentation fault if there is regex <IfUser> section in a <VirtualHost> | |
| section; this is a regression caused by a bad backport of the fix for | |
| Bug#3625 to the 1.3.3 branch (bug 3659) | |
| - Filenames with embedded IAC do not get processed correctly (bug 3697) | |
| - Drop upstreamed nostrip patch | |
| - Use new --disable-strip option to retain debugging symbols | |
| - Use upstream LDAP quota table schema rather than our own copy | |
| * Mon Apr 4 2011 Paul Howarth <paul@city-fan.org> 1.3.3e-1 | |
| - Update to 1.3.3e, fixing a large number of bugs reported upstream: | |
| - Process privileges may not handled properly when --enable-autoshadow is | |
| used (bug 3757) | |
| - mod_sftp closes channel too early after scp download (bug 3544) | |
| - mod_sftp_pam may tell client to disable echoing erroneously (bug 3579) | |
| - mod_sftp behaves badly when receiving badly formed SSH messages (bug 3586, | |
| CVE-2011-1137) | |
| - Using "$shell $libtool" in prxs does not work for all shells (bug 3593) | |
| - WrapAllowMsg directive broken due to bug 3423 (bug 3538) | |
| - SocketOptions receive/send buffer size parameters no longer work (bug 3607) | |
| - mod_wrap2 needs to support netmask rules for IPv6 addresses (bug 3606) | |
| - APPE/STOU upload flags erroneously preserved across upload commands | |
| (bug 3612) | |
| - Malicious module can use sreplace() function to overflow buffer (bug 3614) | |
| - Exiting sessions don't seem to die properly (bug 3619) | |
| - mod_delay sometimes logs "unable to load DelayTable into memory" (bug 3622) | |
| - Plaintext command injection in FTPS support (bug 3624) | |
| - mod_ifsession rules using regular expressions do not work (bug 3625) | |
| - Truncated client name saved in ScoreboardFile (bug 3623) | |
| - %%w variable populated with non-absolute path in SQLLog statement (bug 3627) | |
| - Unnecessarily verbose "warning: unable to throttle bandwidth: Interrupted | |
| system call" (bug 3628) | |
| - SSH DISCONNECT messages sent by mod_sftp even for FTP connections in some | |
| cases (bug 3630) | |
| - mod_sql should log "unrecoverable database error" at a higher priority | |
| (bug 3632) | |
| - Proftpd is eating CPU when reparsing configuration file on SIGHUP (bug 3610) | |
| - Incorrect generation of DSA signature for SSH sessions (bug 3634) | |
| - Update mod_vroot to 0.9.2 | |
| - Fix typo in initscript | |
| - Nobody else likes macros for commands | |
| * Mon Dec 20 2010 Paul Howarth <paul@city-fan.org> 1.3.3d-1 | |
| - Update to 1.3.3d | |
| - Fixed sql_prepare_where() buffer overflow (bug 3536) | |
| - Fixed CPU spike when handling .ftpaccess files | |
| - Fixed handling of SFTP uploads when compression is used | |
| * Fri Dec 10 2010 Paul Howarth <paul@city-fan.org> 1.3.3c-3 | |
| - Update mod_vroot to 0.9 (improvements to alias handling) | |
| - Note that the previous default configuration is broken by this change; see | |
| the new VRootAlias line in proftpd.conf | |
| - Add Default-Stop LSB keyword in initscript (for runlevels 0, 1, and 6) | |
| * Wed Dec 1 2010 Paul Howarth <paul@city-fan.org> 1.3.3c-2 | |
| - Add /etc/tmpfiles.d/proftpd.conf for builds on Fedora 15 onwards to | |
| support running with /var/run on tmpfs (#656675) | |
| * Mon Nov 1 2010 Paul Howarth <paul@city-fan.org> 1.3.3c-1 | |
| - Update to 1.3.3c (#647965) | |
| - Fixed Telnet IAC stack overflow vulnerability (CVE-2010-4221) | |
| - Fixed directory traversal bug in mod_site_misc (CVE-2010-3867) | |
| - Fixed SQLite authentications using "SQLAuthType Backend" | |
| - New DSO module: mod_geoip | |
| * Fri Sep 10 2010 Paul Howarth <paul@city-fan.org> 1.3.3b-1 | |
| - Update to 1.3.3b | |
| - Fixed SFTP directory listing bug | |
| - Avoid corrupting utmpx databases on FreeBSD | |
| - Avoid null pointer dereferences during data transfers | |
| - Fixed "AuthAliasOnly on" anonymous login | |
| * Fri Jul 2 2010 Paul Howarth <paul@city-fan.org> 1.3.3a-1 | |
| - Update to 1.3.3a | |
| - Added Japanese translation | |
| - Many mod_sftp bugfixes | |
| - Fixed SSL_shutdown() errors caused by OpenSSL 0.9.8m and later | |
| - Fixed handling of utmp/utmpx format changes on FreeBSD | |
| * Thu Feb 25 2010 Paul Howarth <paul@city-fan.org> 1.3.3-1 | |
| - Update to 1.3.3 (see NEWS for list of fixed bugs) | |
| - Update PID file location in initscript | |
| - Drop upstreamed patches | |
| - Upstream distribution now includes mod_exec, so drop unbundled source | |
| - New DSO modules: | |
| - mod_sftp | |
| - mod_sftp_pam | |
| - mod_sftp_sql | |
| - mod_shaper | |
| - mod_sql_passwd | |
| - mod_tls_shmcache | |
| - Configure script no longer appends "/proftpd" to --localstatedir option | |
| - New utility ftpscrub for scrubbing the scoreboard file | |
| - Include public key blacklist and Diffie-Hellman parameter files for mod_sftp | |
| in %%{_sysconfdir} | |
| - Remove IdentLookups from config file - disabled by default now | |
| * Mon Feb 15 2010 Paul Howarth <paul@city-fan.org> 1.3.2d-1 | |
| - Update to 1.3.2d, addressing the following issues: | |
| - mod_tls doesn't compile with pre-0.9.7 openssl (bug 3358) | |
| - Lack of PID protection in ScoreboardFile (bug 3370) | |
| - Crash when retrying a failed login with mod_radius being used (bug 3372) | |
| - RADIUS authentication broken on 64-bit platforms (bug 3381) | |
| - SIGHUP eventually causes certain DSO modules to segfault (bug 3387) | |
| * Thu Dec 10 2009 Paul Howarth <paul@city-fan.org> 1.3.2c-1 | |
| - Update to 1.3.2c, addressing the following issues: | |
| - SSL/TLS renegotiation vulnerability (CVE-2009-3555, bug 3324) | |
| - Failed database transaction can cause mod_quotatab to loop (bug 3228) | |
| - Segfault in mod_wrap (bug 3332) | |
| - <Directory> sections can have <Limit> problems (bug 3337) | |
| - mod_wrap2 segfaults when a valid user retries the USER command (bug 3341) | |
| - mod_auth_file handles 'getgroups' request incorrectly (bug 3347) | |
| - Segfault caused by scrubbing zero-length portion of memory (bug 3350) | |
| - Drop upstreamed segfault patch | |
| * Thu Dec 10 2009 Paul Howarth <paul@city-fan.org> 1.3.2b-3 | |
| - Add patch for upstream bug 3350 - segfault on auth failures | |
| * Wed Dec 9 2009 Paul Howarth <paul@city-fan.org> 1.3.2b-2 | |
| - Reduce the mod_facts patch to the single commit addressing the issue with | |
| directory names with glob characters (#521634), avoiding introducing a | |
| further problem with <Limit> (#544002) | |
| * Wed Oct 21 2009 Paul Howarth <paul@city-fan.org> 1.3.2b-1 | |
| - Update to 1.3.2b | |
| - Fixed regression causing command-line define options not to work (bug 3221) | |
| - Fixed SSL/TLS cert subjectAltName verification (bug 3275, CVE-2009-3639) | |
| - Use correct cached user values with "SQLNegativeCache on" (bug 3282) | |
| - Fix slower transfers of multiple small files (bug 3284) | |
| - Support MaxTransfersPerHost, MaxTransfersPerUser properly (bug 3287) | |
| - Handle symlinks to directories with trailing slashes properly (bug 3297) | |
| - Drop upstreamed defines patch (bug 3221) | |
| * Thu Sep 17 2009 Paul Howarth <paul@city-fan.org> 1.3.2a-7 | |
| - Restore backward SRPM compatibility broken by previous change | |
| * Wed Sep 16 2009 Tomas Mraz <tmraz@redhat.com> 1.3.2a-6 | |
| - Use password-auth common PAM configuration instead of system-auth | |
| * Mon Sep 7 2009 Paul Howarth <paul@city-fan.org> 1.3.2a-5 | |
| - Add upstream patch for MLSD with dirnames containing glob chars (#521634) | |
| * Wed Sep 2 2009 Paul Howarth <paul@city-fan.org> 1.3.2a-4 | |
| - New DSO module: mod_exec (#520214) | |
| * Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> 1.3.2a-3.1 | |
| - Rebuilt with new openssl | |
| * Wed Aug 19 2009 Paul Howarth <paul@city-fan.org> 1.3.2a-3 | |
| - Use mod_vroot to work around PAM/chroot issues (#477120, #506735) | |
| * Fri Jul 31 2009 Paul Howarth <paul@city-fan.org> 1.3.2a-2 | |
| - Add upstream patch to fix parallel build (http://bugs.proftpd.org/3189) | |
| * Mon Jul 27 2009 Paul Howarth <paul@city-fan.org> 1.3.2a-1 | |
| - Update to 1.3.2a | |
| - Add patch to reinstate support for -DPARAMETER (http://bugs.proftpd.org/3221) | |
| - Retain CAP_AUDIT_WRITE, needed for pam_loginuid (#506735, fixed upstream) | |
| - Remove ScoreboardFile directive from configuration file - default value | |
| works better with SELinux (#498375) | |
| - Ship mod_quotatab_sql.so in the main package rather than the SQL backend | |
| subpackages | |
| - New DSO modules: | |
| - mod_ctrls_admin | |
| - mod_facl | |
| - mod_load | |
| - mod_quotatab_radius | |
| - mod_radius | |
| - mod_ratio | |
| - mod_rewrite | |
| - mod_site_misc | |
| - mod_wrap2 | |
| - mod_wrap2_file | |
| - mod_wrap2_sql | |
| - Enable mod_lang/nls support for RFC 2640 (and buildreq gettext) | |
| - Add /etc/sysconfig/proftpd to set PROFTPD_OPTIONS and update initscript to | |
| use this value so we can use a define to enable (e.g.) anonymous FTP support | |
| rather than having a huge commented-out section in the config file | |
| - Rewrite config file to remove most settings that don't change upstream | |
| defaults, and add brief descriptions for all available loadable modules | |
| - Move Umask and IdentLookups settings from server config to <Global> context | |
| so that they apply to all servers, including virtual hosts (#509251) | |
| - Ensure mod_ifsession is always the last one specified, which makes sure that | |
| mod_ifsession's changes are seen properly by other modules | |
| - Drop pam version requirement - all targets have sufficiently recent version | |
| - Drop redundant explicit dependency on pam | |
| - Subpackages don't need to own %%{_libexecdir}/proftpd directory | |
| - Drop redundant krb5-devel buildreq | |
| - Make SRPM back-compatible with EPEL-4 (TLS cert dirs, PAM config) | |
| - Don't include README files for non-Linux platforms | |
| - Recode ChangeLog as UTF-8 | |
| - Don't ship the prxs tool for building custom DSO's since we don't ship the | |
| headers either | |
| - Prevent stripping of binaries in a slightly more robust way | |
| - Fix release tag to be ready for future beta/rc versions | |
| - Define RPM macros in global scope | |
| - BuildRequire libcap-devel so that we use the system library rather than the | |
| bundled one, and eliminate log messages like: | |
| kernel: warning: `proftpd' uses 32-bit capabilities (legacy support in use) | |
| * Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> 1.3.2-3.1 | |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild | |
| * Thu Apr 9 2009 Matthias Saou <http://freshrpms.net/> 1.3.2-2.1 | |
| - Update the tcp_wrappers BR to be just /usr/include/tcpd.h instead. | |
| * Thu Apr 9 2009 Matthias Saou <http://freshrpms.net/> 1.3.2-2 | |
| - Fix tcp_wrappers-devel BR conditional. | |
| * Mon Apr 6 2009 Matthias Saou <http://freshrpms.net/> 1.3.2-1 | |
| - Update to 1.3.2. | |
| - Include mod_wrap (#479813). | |
| - Tried to include mod_wrap2* modules but build failed. | |
| * Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> | |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild | |
| * Sat Jan 24 2009 Caolán McNamara 1.3.2-0.3.rc3 | |
| - Rebuild for dependencies | |
| * Fri Jan 2 2009 Matthias Saou <http://freshrpms.net/> 1.3.2-0.2.rc3 | |
| - Update default configuration to have a lit of available modules and more | |
| example configuration for them. | |
| * Mon Dec 22 2008 Matthias Saou <http://freshrpms.net/> 1.3.2-0.1.rc3 | |
| - Update to 1.3.2rc3 (fixes security issue #464127) | |
| - Exclude new pkgconfig file, as we already exclude header files (if someone | |
| ever needs to rebuild something against this proftpd, just ask and I'll split | |
| out a devel package... but it seems pretty useless currently). | |
| - Remove no longer needed find-umode_t patch. | |
| * Fri Aug 8 2008 Matthias Saou <http://freshrpms.net/> 1.3.1-6 | |
| - Add mod_ban support (#457289, Philip Prindeville). | |
| * Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> | |
| - Autorebuild for GCC 4.3 | |
| * Wed Feb 13 2008 Matthias Saou <http://freshrpms.net/> 1.3.1-4 | |
| - Pass --enable-shadow to also have it available, not just PAM (#378981). | |
| - Add mod_ifsession as DSO (#432539). | |
| * Mon Dec 17 2007 Matthias Saou <http://freshrpms.net/> 1.3.1-3 | |
| - Rebuild for new openssl, patch from Paul Howarth. | |
| * Mon Oct 22 2007 Matthias Saou <http://freshrpms.net/> 1.3.1-2 | |
| - Include openldap schema file for quota support (Fran Taylor, #291891). | |
| - Include FDS compatible LDIF file for quota support (converted). | |
| - Prefix source welcome.msg for consistency. | |
| * Tue Oct 9 2007 Matthias Saou <http://freshrpms.net/> 1.3.1-1 | |
| - Update to 1.3.1 final. | |
| - Remove all patches (upstream). | |
| * Sun Aug 19 2007 Matthias Saou <http://freshrpms.net/> 1.3.1-0.2.rc3 | |
| - Update to 1.3.1rc3 (the only version to fix #237533 aka CVE-2007-2165). | |
| - Remove all patches, none are useful anymore. | |
| - Patch sstrncpy.c for config.h not being included (reported upstream #2964). | |
| - Patch mod_sql_mysql.c to fix a typo (already fixed in CVS upstream). | |
| - Exclude new headers, at least until some first 3rd party module shows up. | |
| - Clean up old leftover CVS strings from our extra files. | |
| - LSB-ize the init script (#247033). | |
| - Explicitly pass --enable-openssl since configure tells us "(default=no)". | |
| - Include patch to fix open calls on F8. | |
| * Sun Aug 12 2007 Matthias Saou <http://freshrpms.net/> 1.3.0a-8 | |
| - Fix logrotate entry to silence error when proftpd isn't running (#246392). | |
| * Mon Aug 6 2007 Matthias Saou <http://freshrpms.net/> 1.3.0a-7 | |
| - Include patch to fix "open" calls with recent glibc. | |
| * Mon Aug 6 2007 Matthias Saou <http://freshrpms.net/> 1.3.0a-6 | |
| - Update License field. | |
| * Fri Jun 15 2007 Matthias Saou <http://freshrpms.net/> 1.3.0a-5 | |
| - Remove _smp_mflags to (hopefully) fix build failure. | |
| * Fri Jun 15 2007 Matthias Saou <http://freshrpms.net/> 1.3.0a-4 | |
| - Fix PAM entry for F7+ (#244168). Still doesn't work with selinux, though. | |
| * Fri May 4 2007 Matthias Saou <http://freshrpms.net/> 1.3.0a-4 | |
| - Fix auth bypass vulnerability (#237533, upstream #2922)... not! :-( | |
| * Tue Feb 6 2007 Matthias Saou <http://freshrpms.net/> 1.3.0a-3 | |
| - Patch to fix local user buffer overflow in controls request handling, rhbz | |
| bug #219938, proftpd bug #2867. | |
| * Mon Dec 11 2006 Matthias Saou <http://freshrpms.net/> 1.3.0a-2 | |
| - Rebuild against new PostgreSQL. | |
| * Mon Nov 27 2006 Matthias Saou <http://freshrpms.net/> 1.3.0a-1 | |
| - Update to 1.3.0a, which actually fixes CVE-2006-5815... yes, #214820!). | |
| * Thu Nov 16 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-10 | |
| - Fix cmdbufsize patch for missing CommandBufferSize case (#214820 once more). | |
| * Thu Nov 16 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-9 | |
| - Include mod_tls patch (#214820 too). | |
| * Mon Nov 13 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-8 | |
| - Include cmdbufsize patch (#214820). | |
| * Mon Aug 28 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-7 | |
| - FC6 rebuild. | |
| * Mon Aug 21 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-6 | |
| - Add mod_quotatab, _file, _ldap and _sql (#134291). | |
| * Mon Jul 3 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-5 | |
| - Disable sendfile by default since it breaks displaying the download speed in | |
| ftptop and ftpwho (#196913). | |
| * Mon Jun 19 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-4 | |
| - Include ctrls restart patch, see #195884 (patch from proftpd.org #2792). | |
| * Wed May 10 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-3 | |
| - Add commented section about DSO loading to the default proftpd.conf. | |
| - Update TLS cert paths in the default proftpd.conf to /etc/pki/tls. | |
| * Fri Apr 28 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-2 | |
| - Mark pam.d and logrotate.d config files as noreplace. | |
| - Include patch to remove -rpath to DESTDIR/usr/sbin/ in the proftpd binary | |
| when DSO is enabled (#190122). | |
| * Fri Apr 21 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-1 | |
| - Update to 1.3.0 final. | |
| - Remove no longer needed PostgreSQL and OpenSSL detection workarounds. | |
| - Remove explicit conflicts on wu-ftpd, anonftp and vsftpd to let people | |
| install more than one ftp daemon (what for? hmm...) (#189023). | |
| - Enable LDAP, MySQL and PostgreSQL as DSOs by default, and stuff them in | |
| new sub-packages. This won't introduce any regression since they weren't | |
| enabled by default. | |
| - Remove useless explicit requirements. | |
| - Rearrange scriplets requirements. | |
| - Enable ctrls (controls via ftpdctl) and facl (POSIX ACLs). | |
| - Using --disable-static makes the build fail, so exclude .a files in %%files. | |
| - Silence harmless IPv6 failure message at startup when IPv6 isn't available. | |
| * Tue Mar 7 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-0.2.rc4 | |
| - Update to 1.3.0rc4 (bugfix release). | |
| * Mon Mar 6 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-0.2.rc3 | |
| - FC5 rebuild. | |
| * Thu Feb 9 2006 Matthias Saou <http://freshrpms.net/> 1.3.0-0.1.rc3 | |
| - Update to 1.3.0rc3, which builds with the latest openssl. | |
| * Thu Nov 17 2005 Matthias Saou <http://freshrpms.net/> 1.2.10-7 | |
| - Rebuild against new openssl library... not. | |
| * Wed Jul 13 2005 Matthias Saou <http://freshrpms.net/> 1.2.10-6 | |
| - The provided pam.d file no longer works, use our own based on the one from | |
| the vsftpd package (#163026). | |
| - Rename the pam.d file we use from 'ftp' to 'proftpd'. | |
| - Update deprecated AuthPAMAuthoritative in the config file (see README.PAM). | |
| * Tue May 10 2005 Matthias Saou <http://freshrpms.net/> 1.2.10-4 | |
| - Disable stripping in order to get useful debuginfo packages. | |
| * Fri Apr 7 2005 Michael Schwendt <mschwendt[AT]users.sf.net> 1.2.10-3 | |
| - rebuilt | |
| * Tue Nov 16 2004 Matthias Saou <http://freshrpms.net/> 1.2.10-2 | |
| - Bump release to provide Extras upgrade path. | |
| * Wed Sep 22 2004 Matthias Saou <http://freshrpms.net/> 1.2.10-1 | |
| - Updated to release 1.2.10. | |
| * Tue Jun 22 2004 Matthias Saou <http://freshrpms.net/> 1.2.9-8 | |
| - Added ncurses-devel build requires to fix the ftptop utility. | |
| * Fri Feb 26 2004 Magnus-swe <Magnus-swe@telia.com> 1.2.9-7 | |
| - Fixed the scoreboard and pidfile issues. | |
| * Fri Jan 9 2004 Matthias Saou <http://freshrpms.net/> 1.2.9-6 | |
| - Pass /var/run/proftpd as localstatedir to configure to fix pid and | |
| scoreboard file problems. | |
| * Wed Dec 10 2003 Matthias Saou <http://freshrpms.net/> 1.2.9-4 | |
| - Fixed the MySQL include path, thanks to Jim Richardson. | |
| - Renamed the postgres conditional build to postgresql. | |
| * Tue Nov 11 2003 Matthias Saou <http://freshrpms.net/> 1.2.9-3 | |
| - Renamed the xinetd service to xproftpd to avoid conflict. | |
| - Only HUP the standalone proftpd through logrotate if it's running. | |
| * Fri Nov 7 2003 Matthias Saou <http://freshrpms.net/> 1.2.9-2 | |
| - Rebuild for Fedora Core 1. | |
| - Modified the init script to make it i18n aware. | |
| * Fri Oct 31 2003 Matthias Saou <http://freshrpms.net/> 1.2.9-1 | |
| - Update to 1.2.9. | |
| * Wed Sep 24 2003 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.8p to fix secutiry vulnerability. | |
| - Fix the TLS build option at last, enable it by default. | |
| * Mon Aug 4 2003 Matthias Saou <http://freshrpms.net/> | |
| - Minor fixes in included README files. | |
| * Mon Mar 31 2003 Matthias Saou <http://freshrpms.net/> | |
| - Rebuilt for Red Hat Linux 9. | |
| * Thu Mar 13 2003 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.8. | |
| - Remove the renamed linuxprivs module. | |
| - Added TLS module build option. | |
| * Fri Dec 13 2002 Matthias Saou <http://freshrpms.net/> | |
| - Fix change for ScoreboardFile in the default conf, thanks to Sven Hoexter. | |
| * Mon Dec 9 2002 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.7. | |
| * Thu Sep 26 2002 Matthias Saou <http://freshrpms.net/> | |
| - Rebuilt for Red Hat Linux 8.0. | |
| * Tue Sep 17 2002 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.6. | |
| - Fixed typo in the config for "AllowForeignAddress" thanks to Michel Kraus. | |
| - Removed obsolete user install patch. | |
| - Added "modular" ldap, mysql and postgresql support. | |
| * Mon Jun 10 2002 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.5. | |
| - Changed the welcome.msg to config so that it doesn't get replaced. | |
| * Fri May 3 2002 Matthias Saou <http://freshrpms.net/> | |
| - Rebuilt against Red Hat Linux 7.3. | |
| - Added the %%{?_smp_mflags} expansion. | |
| * Tue Oct 23 2001 Matthias Saou <http://freshrpms.net/> | |
| - Changed the default config file : Where the pid file is stored, addedd | |
| an upload authorization in anon server, and separate anon logfiles. | |
| - Updated welcome.msg to something nicer. | |
| * Fri Oct 19 2001 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.4, since 1.2.3 had a nasty umask bug. | |
| * Sat Aug 18 2001 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.2 final. | |
| - Changed the default config file a lot. | |
| * Wed Apr 25 2001 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.2rc2. | |
| * Mon Apr 1 2001 Matthias Saou <http://freshrpms.net/> | |
| - Update to 1.2.2rc1. | |
| * Tue Mar 20 2001 Matthias Saou <http://freshrpms.net/> | |
| - Added a DenyFilter to prevent a recently discovered DOS attack. | |
| This is only useful for fresh installs since the config file is not | |
| overwritten. | |
| * Fri Mar 2 2001 Matthias Saou <http://freshrpms.net/> | |
| - Upgraded to 1.2.1. | |
| - New init script (added condrestart). | |
| * Tue Feb 27 2001 Matthias Saou <http://freshrpms.net/> | |
| - Upgraded to 1.2.0 final. | |
| * Tue Feb 6 2001 Matthias Saou <http://freshrpms.net/> | |
| - Upgraded to 1.2.0rc3 (at last a new version!) | |
| - Modified the spec file to support transparent upgrades | |
| * Wed Nov 8 2000 Matthias Saou <http://freshrpms.net/> | |
| - Upgraded to the latest CVS to fix the "no PORT command" bug | |
| - Fixed the ftpuser creation script | |
| - Modified the default config file to easily change to an anonymous | |
| server | |
| * Sun Oct 15 2000 Matthias Saou <http://freshrpms.net/> | |
| [proftpd-1.2.0rc2-2] | |
| - Updated the spec file and build process for RedHat 7.0 | |
| - Added xinetd support | |
| - Added logrotate.d support | |
| * Fri Jul 28 2000 Matthias Saou <http://freshrpms.net/> | |
| [proftpd-1.2.0rc2-1] | |
| - Upgraded to 1.2.0rc2 | |
| - Upgraded to 1.2.0rc1 | |
| * Sat Jul 22 2000 Matthias Saou <http://freshrpms.net/> | |
| [proftpd-1.2.0rc1-1] | |
| - Upgraded to 1.2.0rc1 | |
| - Re-did the whole spec file (it's hopefully cleaner now) | |
| - Made a patch to be able to build the RPM as an other user than root | |
| - Added default pam support (but without /etc/shells check) | |
| - Rewrote the rc.d script (mostly exit levels and ftpshut stuff) | |
| - Modified the default configuration file to not display a version number | |
| - Changed the package to standalone in one single RPM easily changeable | |
| to inetd (for not-so-newbie users) | |
| - Fixed the ftpusers generating shell script (missing "nu"s for me...) | |
| - Removed mod_ratio (usually used with databases modules anyway) | |
| - Removed the prefix (relocations a rarely used on non-X packages) | |
| - Gzipped the man pages | |
| * Thu Oct 03 1999 O.Elliyasa <osman@Cable.EU.org> | |
| - Multi package creation. | |
| Created core, standalone, inetd (&doc) package creations. | |
| Added startup script for init.d | |
| Need to make the "standalone & inetd" packages being created as "noarch" | |
| - Added URL. | |
| - Added prefix to make the package relocatable. | |
| * Wed Sep 08 1999 O.Elliyasa <osman@Cable.EU.org> | |
| - Corrected inetd.conf line addition/change logic. | |
| * Sat Jul 24 1999 MacGyver <macgyver@tos.net> | |
| - Initial import of spec. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment