------------------------------------------------------------------- Wed Jun 14 11:32:59 UTC 2017 - psimons@suse.com - Fix broken pure-ftpd.init script. We cannot use startproc to run /usr/sbin/pure-config.pl, because the utility assumes that the name of that executable matches the name of the started process, which it does not in our case. Furthermore, the start script will write a status message to stdout, so we don't have to do it in the init script. [bsc#1042690] ------------------------------------------------------------------- Tue May 30 10:47:45 UTC 2017 - psimons@suse.com - Update to pure-ftpd version 1.0.43 from openSUSE:Factory as per fate#321125. That update brings the following changes: * These patches have been updated and renamed in the process: * pure-ftpd-1.0.22-default_tcp_sedrcv_buffer_size.patch is now in pure-ftpd-1.0.32-default_tcp_sedrcv_buffer_size.patch. * pure-ftpd-1.0.21-portrange.patch is now in pure-ftpd-1.0.32-portrange.patch. * pure-ftpd-1.0.32-cap-audit-write.patch is now in pure-ftpd-1.0.36-cap-audit-control.patch. * These patches are obsolete now and have been removed: * 0001-Act-like-a-server-even-in-TLS-mode-when-in-active-mo.patch * 0002-Init-a-TLS-data-session-after-having-sent-the-go-ahe.patch * 0003-add-opt_a-to-donlist.patch * 0004-support-stat-over-tls.patch * 0005-speedup-TLS-listing.patch * pure-ftpd-1.0.20_config_minuid.patch * pure-ftpd-1.0.22-fix-listing-if-directory-has-white-space-in-it.patch * pure-ftpd-1.0.22-flush-cmd-after-tls.patch * pure-ftpd-1.0.22-oes-bugfix-1.patch * pure-ftpd-1.0.22-oes-bugfix-2.patch * pure-ftpd-1.0.22-oes-bugfix.patch * pure-ftpd-1.0.22-oes-disable-ascii.patch * pure-ftpd-1.0.22-oes_remote_server.patch * pure-ftpd-1.0.22-wait-on-tls-handshake.patch * pure-ftpd-allow-crypto-settings.patch * pure-ftpd-remove-gpl-code.patch * Changes in version 1.0.42: - The connection is now dropped if HTTP commands are received. - LDAP force_default_gid and force_default_uid now work as documented. - The ONLY_ACCEPT_REUSED_SSL_SESSIONS switch (introduced in Pure-FTPd 1.0.22 circa 2009, but disabled back then due to client compatibility concerns) is now on by default, except in broken clients compatibility mode. - libmariadb is looked for in addition to libmysqlclient - MySQL: my_make_scrambled_password() is not always an exported symbol any more, so pure-ftpd now ships a reimplementation. - openssl/ec.h is not available on some Linux distributions that disable EC in OpenSSL. This is being tested by autoconf. - New command-line switch: -2/--certfile= to set the path to the certificate file when using TLS. - Support for TCP_FASTOPEN added on Linux - The LDAP configuration file didn't allow a default gid without also defining a default uid. This is no longer the case. - OpenBSD's glob() left the glob_t structure uninitialized if the pattern was larger than PATH_MAX, causing globfree() to free() an unwanted pointer. The bug was introduced in Pure-FTPd 1.0.34. * Changes in version 1.0.39: - Retry if SSL_shutdown() returns -1 and SSL_ERROR_WANT_(READ|WRITE) - The default cipher suite is now ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SH - TLS forward secrecy support was added. DH parameters are loaded from TLS_DHPARAMS_FILE, if present. ECDH is also supported - Default curve is prime256v1 (TLS_DEFAULT_ECDH_CURVE). The best curve is automatically selected when using LibreSSL. - scrypt hashed passwords can be used in the MySQL, PostgreSQL and LDAP backends. - The -C: prefix can be added to the cipher suite in order to make valid client certificates mandatory. This is no longer a compile-time option. - The Clear Command Channel (CCC) command is now supported. - pure-config.py is compatible with Python 3. - SSL (v2, v3) is refused by default. - The PureDB backend supports the scrypt function in order to hash passwords. This is the preferred algorithm, but requires the presence of libsodium. - DES-hashed passwords are not supported any more. - LDAP uid and gid values can over overridden in the LDAP configuration file. - RC4 was killed. * Changes in version 1.0.36 : - Sync built-in glob(3) code with OpenBSD-current, and remove code we don't use instead of ifdef'ing it. - Repair checkproc() on Linux when support for capabitilies is compiled in. Reported by Eric Gouyer. - Don't read /dev/*random every time we need a value. Just use arc4random() everywhere and seed it before we possibly chroot(). - Add support for MFMT, with the same code as SITE UTIME. - Support 2-arguments SITE UTIME. - LDAP: Add LDAPDefaultHomeDirectory, suggested by Landry Breuil. - Add SSL_OP_NO_SSLv3 to SSL options if the list of ciphers is prefixed by -S: , needed by Brad. - Use more paranoid compiler options whenever possible, and preliminary uncluttering of the autoconf script. - Try to cache locale-related data at startup after tzset(), rather than during a session. - Fix quota computation after rename() overwrites an existing file. - Improved autoconf detection of -fstack-protector and -fPIE. - If 10 digits are not enough to print the size of a file in an ls-like output, bump the max number of digits to 18. This adds support for files up to 1 exabyte. - Don't display dot files (except . and ..) if dot_read_ok is 0 in donlist() - but not in sglob() yet. This change is purely cosmetic. There are many ways to figure out if a file exists. * Changes in version 1.0.32: - Support SHA1 password hashing in MySQL and PostgreSQL backends - Support for braces expansion in directory listings has been disabled - Cf. CVE-2011-0418 * Changes in version 1.0.31: - Introduce --tlsciphersuite (-J) to set the list of allowed ciphers, thanks to Todd Rinaldo. - The -F switch has been documented in the built-in help. - Shell-like escaping is now partially handled when emulating the "ls" command. - Use my_make_scrambled_password() instead of make_scrambled_password(). Suggested by Arkadiusz Miskiewicz. * Changes in version 1.0.30 - pure-quotacheck can now work with a large number of files. - OPTS UTF-8 is now an alias to OPTS UTF8. - Fix a STARTTLS flaw similar to Postfix’s CVE-2011-0411. If you’re using TLS, upgrading is recommended. - Provide ANSI-compliant MySQL configuration example. - Fix some issues with man pages. * Changes in version 1.0.29: - max_dlmap_size was size_t instead off_t, causing misalignment while downloading > 4 Gb files on a 32-bits arch. - pread() vs lseek()+read() was a useless optimization, since pread() doesn't change the file position and further reads weren't going through plain read() calls. - iconv_fd_* should be initialized by (iconv_t) -1 as we test them upon exit. Fixes segfaults on glibc. - pure-uploadscript tries to reach the pipe during 30 seconds instead of 10. * Changes in version 1.0.28: - FTPD_PAM_SERVICE_NAME can be defined in order to change the PAM service name. - When an upload gets renamed (--autorename), send the new name to the uploadscript instead of the original one. - The ALLO command now checks for the actual disk space in addition to the virtal quota. - Work around OSX broken poll() - After an atomic resumed upload, don't append the previous file size to the quota. - Always accept OPTS UTF8 ON, but refuse OPTS UTF8 OFF if client_charset is UTF8. - Fix AUTHD_ENCRYPTED - Reset the CWD failures counter after a successful directory has been created. It avoids spurious disconnections with ncftp. - Support for iPhone has been moved to another branch. - Fix crash with PostgreSQL. * Changes in version 1.0.27: - Have pureftpd_shutdown() shut the server down even if a client is connected on iPhone. - Allow users with no quota to delete .pureftpd-upload-* files. - Unbreak ipv6 support, reported by Brad Smith. - Disable SSLv3 renegotiation if an old SSL library is used. If you really want to re-enable SSLv3 renegotiation, even with a recent library, you can always define ACCEPT_SSL_RENEGOTIATION. * Changes in version 1.0.26: - Fix incompatibilities with Cyberduck when TLS is enabled. - Don't TLS_accept() immediately after accept(). Reply on the connection socket first, so that clients don't have to wait before knowing that they can actually use TLS. It avoids lags with LFTP and hangs with Cyberduck. - Properly change the process name on Linux when the -S option is used, by Margus Kaidja. - Unbreak authentication of non-chrooted users. Thanks to Juergen Daubert for the bug report. * Changes in version 1.0.25: - Show symlinks as symlinks in MLSD, except when the broken client compatibility mode is turned on and links are not dangling (just like the old LIST and NLIST commands). Reported by Mime Cuvalo. - More gcc 2 compatibility, thanks to Todd Rinaldo. - Properly handle custom paths in man pages. Thanks to Scott Haneda and Mathieu Parisot. - Have $localstatedir default to /var as it used to be unless --localstatedir=... is explicitely passed to ./configure - Use @VERSION@ in man pages. - --without-pam disables PAM on OSX and iPhone. - Allow cross-compilation. - Experimental iPhone target. - Change the way it links, building a library first. - Don't use mmap() any more for downloads. It's too slow. - Don't use hard-coded paths in order to find MySQL and PostgreSQL libraries and header files. Use mysql_config and pg_config instead. Suggested by John Alberts. - Log the DELE command similar to the RETR and STOR commands. Suggested by Martin Fuxa. - The primary group gets cached so that it's always displayed in directory listings. - Avoid a client process to burn CPU in an infinite loop if the command channel gets disconnected before the data channel. Reported by Thomas Min and Margus Kaidja. - Restore the traditional behavior of a download restarting at the end of a file. For some weird reasons, some clients still insist on doing that. Don't send a 55x return code, just let them download... nothing. - Documentation updates. * Changes in version 1.0.24: - Refuse empty passwords in LDAP bind mode. Reported by Henning Brauer. - The package can now be compiled with gcc 2. * Changes in version 1.0.23: - LDAP: accept "enabled" as a correct value for FTPStatus as it used to be. - More useful error logging for OpenSSL errors. - Don't read certificates twice. - Fix compilation on Solaris with privsep, thanks to Ritesh Patel. - Don't replace : (as in IPv6 addresses) in host names. Thanks to Tero Pelander. - Add SUP top AUXILIARY to LDAP schema, suggested by Zhang Huangbin. - Don't ignore dot files even if -D is not supplied with the MLSD command. - Deinline code - Throttling more reliable - STAT is now working over TLS - DH keys for ephemeral key exchange are now handled - Fix libiconv checking - The column was missing in the PassivePortRange comment (thanks to Igor Alexadrov) - LDAP authentication through binding is now possible in addition to passwords. This allows for the FTP server to run with an unprivileged LDAP account. It also adds a warning if auth method password is used and doesn't find a userPassword attribute. This usually indicates that the LDAP bind DN cannot read the attributes, because it doesn't have sufficient privileges. Contributed by Wilco Baan Hofman. - Perform charset conversions on directory names. Issue spotted by Xianghu Zhao. - Almost a complete rewrite of the upload, download and TLS code for more reliability - Seemlessly handle ABOR without any SIGURG - Try to immediately handle any kind of disconnection - Use poll() rather than select() as much as possible - Distinguish aborted (even the hard way) and completed download and upload operations in log files - Minor corrections to he French messages - Don't use atomic uploads unless --notruncate or --autorename have been enabled - Take care of removing .pureftpd-upload-* files in every possible case - List up to 10000 files per directory per default instead of 2000 - Don't mess with TCP_NOPUSH, as it interferes with OpenSSL - New compile-time option: --with-implicittls in order to build a FTPS-only server - ./configure --localstatedir can now be used in order to avoid storing the scoreboard and other dynamic files in /var/run/ - Quota handling reworked (easier, and way more reliable) - RNTO support even when quota are enabled. - A bunch of return codes were fixed to be more RFC-conformant. - ALLO command is now actually checking if an upload can occur without blowing the quota. - Don't change the TCP window size. Admins should do this as part of their system configuration. - Privsep is now enabled by default. Use --without-privsep to disable. - --without-banner is gone. If you have a cookie file (-F), the default banner won't be displayed. - Compile with PAM by default on OSX. - Switch the privsep process to _pure-ftpd or pure-ftpd when no privileged call is actually necessary. Since only the effective uid chances, it's not brutally useful yet, but it paves the way for forthcoming changes. - Install man pages with local paths instead of hard-coded ones. ------------------------------------------------------------------- Wed Nov 19 14:15:05 UTC 2014 - tchvatal@suse.com - Update the crypto settings to allow more options ie SSL3 disabling: * pure-ftpd-allow-crypto-settings.patch ------------------------------------------------------------------- Thu Oct 30 14:21:01 UTC 2014 - tchvatal@suse.com - Refresh ascii patch to use -v as parameter to not collide with upstream tls patch * pure-ftpd-1.0.22-oes-disable-ascii.patch - Add patch to fix bnc#902229 allow ssl crypto settings * pure-ftpd-allow-crypto-settings.patch ------------------------------------------------------------------- Wed Oct 8 13:09:16 UTC 2014 - tchvatal@suse.com - fix bnc#899136: * pure-ftpd-1.0.22-fix-listing-if-directory-has-white-space-in-it.patch - fix bnc#828469 reenable and refresh oes-ascii.patch: * pure-ftpd-1.0.22-oes-disable-ascii.patch - fix bnc#856424 - wait on TLS handshake: * pure-ftpd-1.0.22-wait-on-tls-handshake.patch ------------------------------------------------------------------- Fri Mar 22 13:47:23 UTC 2013 - mvyskocil@suse.com - fix bnc#789129: mainframe can't transfer data on FTP-S connection * fix a lot of various TLS related bugs 0001-Act-like-a-server-even-in-TLS-mode-when-in-active-mo.patch 0002-Init-a-TLS-data-session-after-having-sent-the-go-ahe.patch 0003-add-opt_a-to-donlist.patch 0004-support-stat-over-tls.patch 0005-speedup-TLS-listing.patch - turn all Open Enterprise Server patches off, there is a patched pure-ftpd provided by OES itself ------------------------------------------------------------------- Tue Nov 27 12:29:34 UTC 2012 - mvyskocil@suse.com - fix bnc#788621 - GPL-2.0+ license in BSD-3-Clause licensed pureftp pure-ftpd-remove-gpl-code.patch replaces the GPL getloadavg with dummy implementation - fix bnc#756306 - pure-ftpd umask setting not working properly refresh pure-ftpd-1.0.20_config.patch - it documents how to setup umask in SUSE environment properly using pam_umask ------------------------------------------------------------------- Tue Oct 4 07:23:27 UTC 2011 - mvyskocil@suse.cz - fix bnc#721118: pure-ftpd oes tracking bug - fix bnc#524121 - configurable ldap port for ftp server - fix bnc#655608 - OES pure-ftpd: mdtm and some other commands fail, using full path of remote server access - fix bnc#717802 - FTP remote server navigation not working for file/directory operations when full path is specified. ------------------------------------------------------------------- Wed Aug 31 12:09:57 UTC 2011 - mvyskocil@suse.cz - fix bnc#699300 - FTP remote server navigation does not always succeed - fix bnc#685447 - pure-ftpd does not throw an error when the name resolution fails during remote server navigation - fix bnc#700335 - put files into NCP volumes fails - fix bnc#703035 - VUL-0: pure-ftpd: remote_server feature opens a vulnerability with directory traversal & file overwritting (CVE-2011-3171) * pure-ftpd-1.0.22-oes-bugfix-1.patch ------------------------------------------------------------------- Wed Jun 22 13:35:58 UTC 2011 - mvyskocil@suse.cz - fix bnc#700611 - pure-ftpd fails with pam * pure-ftpd-1.0.32-cap-audit-write.patch ------------------------------------------------------------------- Wed Jun 8 10:05:51 UTC 2011 - mvyskocil@suse.cz - fix bnc#698253 - pure-ftp-stop.pl script missing * return the script back ------------------------------------------------------------------- Mon May 23 09:31:07 UTC 2011 - mvyskocil@suse.cz - fix bnc#694531 - ftp login throws error: [ERROR] Function namGetUserFDNfromUID not found * fix a regression caused by patch for bnc#676680 ------------------------------------------------------------------- Wed May 18 16:13:35 CEST 2011 - dmueller@suse.de - add option to disable pure-ftpd ascii transfer mode (FATE#310763) ------------------------------------------------------------------- Mon Apr 11 12:48:33 UTC 2011 - mvyskocil@suse.cz - fix bnc#686590 - VUL-0: new pure-ftpd version fix STARTTLS issues similar to CVE-2011-0411 * flush command buffer after switch to TLS ------------------------------------------------------------------- Mon Mar 28 13:11:31 UTC 2011 - mvyskocil@suse.cz - fix bnc#676680 - pure-ftpd sends the full path to ftp client when mget * is used ------------------------------------------------------------------- Fri Mar 11 11:53:38 UTC 2011 - akarthikeyan@novell.com - Bug 675934 - VUL-0: pure-ftpd OES patch is bad code wise - fixed ------------------------------------------------------------------- Thu Feb 16 13:05:44 UTC 2011 - kukuk@suse.de - Add AppAmor profile to filelist ------------------------------------------------------------------- Wed Feb 9 13:15:30 CET 2011 - kukuk@suse.de - Update pure-ftpd to version 1.0.22 - Obsoletes pure-ftpd-1.0.21-ldap_schema.patch - Forward port AppAmor patch from CODE10 - Enable OES patches - Enable per user limits [FATE#303561] ------------------------------------------------------------------- Mon Oct 11 08:59:22 UTC 2010 - mvyskocil@suse.cz - fix bnc#638626 - pure-ftpd is not compiled with "--with-rfc2640" for charset support enable --with-rfc2640 in configure - add (but not apply) OES patches for tracking ------------------------------------------------------------------- Tue Jan 12 10:23:12 UTC 2010 - mseben@novell.com - modified portrange.patch - for PassivePortRange option in pure-ftpd.conf we could use now also syntax without colon (bnc#547578) ------------------------------------------------------------------- Thu Jan 15 13:00:31 CET 2009 - hvogel@suse.de - Move PassivePortRange to numparic_switch_for [bnc#465954] ------------------------------------------------------------------- Mon Sep 15 14:50:54 CEST 2008 - hvogel@suse.de - limit port range for passv to 30000:30100 to assist firewalling [bnc#420671] ------------------------------------------------------------------- Mon Jul 21 16:34:26 CEST 2008 - hvogel@suse.de - do not use tcp send/receive buffer optimization. Might lead to strange side effects when allocating too much stack. [bnc#407363] ------------------------------------------------------------------- Tue Apr 1 16:19:13 CEST 2008 - mkoenig@suse.de - remove dir /usr/share/omc/svcinfo.d as it is provided now by filesystem ------------------------------------------------------------------- Thu Mar 20 15:42:03 CET 2008 - hvogel@suse.de - Fix ldap schema [bnc:368864] - add Short-Description to init script ------------------------------------------------------------------- Tue Mar 27 14:53:53 CEST 2007 - mskibbe@suse.de - change path to firewall script (#247352) ------------------------------------------------------------------- Fri Mar 2 08:38:24 CET 2007 - mskibbe@suse.de - change path to firewall script (#247352) ------------------------------------------------------------------- Wed Feb 28 08:54:05 CET 2007 - mskibbe@suse.de - pure-ftpd - Support for FATE #300687: Ports for SuSEfirewall added via packages (#246931) ------------------------------------------------------------------- Thu Jan 11 09:55:19 CET 2007 - mskibbe@suse.de - change path to xml service document (fate #301713) ------------------------------------------------------------------- Wed Dec 6 12:48:34 CET 2006 - mskibbe@suse.de - add service xml document (fate #301713 ) ------------------------------------------------------------------- Wed Sep 6 14:36:48 CEST 2006 - mskibbe@suse.de - fix bug Bug 203798 - Restarting the ftp server using the "rcpure-ftpd stop/start" doesn't stop/kill the existing client-server instances ------------------------------------------------------------------- Mon Sep 4 11:15:57 CEST 2006 - kukuk@suse.de - Add pam_loginuid.so to session management ------------------------------------------------------------------- Thu Aug 31 07:59:18 CEST 2006 - mskibbe@suse.de - update to version 1.0.21 which o includes patch pure-ftpd-1.0.20-abort-transfer.patch o Rendezvous has been renamed Bonjour o The old PAM sample has been removed o -F option added to pure-pw o MAX_USER_LENGTH has been bumped to 127 due to popular demand o pam/* can now be used if security/* doesn't exist o simplify() simplifies paths ending by /. and /.. o Experimental support for RFC2640 (UTF-8 filename encoding) o The LDAP schema has been changed: FTPStatus should be a boolean o OPTS MLST has been implemented o SITE UTIME has been implemented o TCP_CORK is on by default again. A new configure switch, --without-cork, can disable it o Correctly format %c and %% in fakesprintf() o The connection socket is now created with the Nagle algorithm disabled. It was the trick to dramatically improve performance when transfering a lot of small files o Use CLIENT_MULTI_STATEMENTS while connecting to a MySQL server ------------------------------------------------------------------- Mon Aug 21 21:31:34 CEST 2006 - kukuk@suse.de - Reorder auth section of PAM config file to make sure all modules will always be evaluated. ------------------------------------------------------------------- Mon Apr 10 17:04:23 CEST 2006 - mrueckert@suse.de - added pure-ftpd-1.0.20_config_minuid.patch: * configuration-file/pure-ftpd.conf.in: our ftp user has uid 40. if you want to map virtual users to this uid they would be blocked from login. - added pure-ftpd-1.0.20_ftpwho_path.patch: * src/ftpwho-update.h: PAGE_SIZE is a function on glibc-2.4/kernel-2.6.16 on ppc64. use PATH_MAX for the filename member of the FTPWhoEntry_ struct ------------------------------------------------------------------- Wed Jan 25 21:40:41 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Mon Jan 16 16:40:55 CET 2006 - hvogel@suse.de - Patch from Patrick Gosling to handle transfer aborts during file upload correctly. [#133452] ------------------------------------------------------------------- Fri Jan 13 15:05:03 CET 2006 - hvogel@suse.de - Make use of Stack Protector ------------------------------------------------------------------- Mon Oct 24 22:06:55 CEST 2005 - mrueckert@suse.de - cleaned up spec file - add /etc/pure-ftpd/vhosts as base dir for virtual servers. (documentation and code changed accordingly.) - fixed paths in the documenation ------------------------------------------------------------------- Thu Oct 13 12:48:35 CEST 2005 - hvogel@suse.de - Build with DLDAP_DEPRECATED untill upstream applied one of the various ldap patches floating around on the sf.net project page ------------------------------------------------------------------- Wed Aug 24 12:06:08 CEST 2005 - hvogel@suse.de - disable "funny" ftp messages to be a bit more professional ------------------------------------------------------------------- Mon Nov 8 17:19:11 CET 2004 - kukuk@suse.de - Use common-* PAM config files for pure-ftpd PAM configuration ------------------------------------------------------------------- Thu Aug 12 12:40:48 CEST 2004 - mmj@suse.de - Use --with-diraliases ------------------------------------------------------------------- Thu Aug 12 10:48:44 CEST 2004 - mmj@suse.de - Update to 1.0.20 which fixes compatibility issues. ------------------------------------------------------------------- Wed Jun 23 20:38:56 CEST 2004 - mmj@suse.de - Update to 1.0.19 including: o Real disk space is no more shown. o A possible denial of service when too many users were connected should be fixed. ------------------------------------------------------------------- Tue Mar 2 23:22:41 CET 2004 - mmj@suse.de - Reflect in the configuration file that /etc/pure-ftpd/ now is a place to keep all the pure-ftpd configuration files. ------------------------------------------------------------------- Tue Mar 2 22:42:02 CET 2004 - mmj@suse.de - Move configuration file when updating - Fix initscript to use /etc/pure-ftpd/pure-ftpd.conf [#35196] - Update to 1.0.18 including: o UTF-8 characters are now supported in file names [#34829] o Buglets were fixed in the documentation. o Two new translations were added : hungarian and catalan o The server now uses distinct IPv4 and IPv6 to listen to both protocols on all operating systems. A new switch, -6, forces the server to only listen to IPv6. o W3C and CLF alternative log formats are now more standard conformant. o Pure-FTPd can now produce WU-FTPd (xferlog) compatible log files. o Support for Rendezvous was added on MacOS X. o Support for Apple / GNUStep plist data output was added to pure-ftpwho. ------------------------------------------------------------------- Fri Feb 27 18:27:16 CET 2004 - mmj@suse.de - Enable mysql and postgresql support, since they provide very good functionality with only tiny extra dependencies - Compile with --with-nonalnum to support non alphanumeric chars ------------------------------------------------------------------- Fri Jan 16 13:26:06 CET 2004 - kukuk@suse.de - Add pam-devel to neededforbuild ------------------------------------------------------------------- Thu Dec 4 14:10:58 CET 2003 - mmj@suse.de - Update to pure-ftpd v. 1.0.17a ------------------------------------------------------------------- Wed Oct 15 12:59:03 CEST 2003 - mmj@suse.de - Don't build as root ------------------------------------------------------------------- Tue Aug 12 10:55:04 CEST 2003 - mmj@suse.de - Update to 1.0.16, with SSL/TLS support and many bugfixes - Use new macros for stop/restart of services on rpm update/removal ------------------------------------------------------------------- Sun Jul 27 11:19:20 CEST 2003 - mmj@suse.de - Support system quotas ------------------------------------------------------------------- Tue Jun 17 13:09:47 CEST 2003 - mmj@suse.de - Update to version 1.0.15: ? A turkish translation has been added. ? Various functional and portability fixes have been made to the handling of upload scripts, to the pure-pw command and to the automatic creation of home directories. ? Accounts in a puredb database can now be quickly listed. ? The anonymous FTP directory can now be overriden on the Windows port (using a WIN32_ANON_DIR environment variable). ? The default banner has been stripped down to look more professionnal. ? Transfer speed on BSD systems has been improved. ? The license of the whole package has changed from GPL to a simplified BSD license. ------------------------------------------------------------------- Thu May 15 12:41:00 CEST 2003 - mmj@suse.de - Allow dot-files in general, but prohibit writing of them [#26897] ------------------------------------------------------------------- Wed Apr 30 12:42:52 CEST 2003 - mmj@suse.de - Apply the detach patch elsewhere to not break xinetd - Add note to the xinetd conffile about the xinetd behaviour - Rearrange the specfile a bit ------------------------------------------------------------------- Thu Mar 6 16:33:14 CET 2003 - mmj@suse.de - Fix the xinetd configuration file ------------------------------------------------------------------- Fri Feb 28 15:32:38 CET 2003 - mmj@suse.de - Add note to README.LDAP about use_ldap in the pam config ------------------------------------------------------------------- Fri Jan 31 14:33:01 CET 2003 - mmj@suse.de - Update to 1.0.14 and add a xinetd configuration file just in case the user wants to use it with xinetd. Default behaviour is still standalone. ------------------------------------------------------------------- Mon Jan 20 20:42:56 CET 2003 - mmj@suse.de - Added patch to detach from fd 0, 1 and 2 [#22836] ------------------------------------------------------------------- Wed Nov 27 14:02:07 CET 2002 - mmj@suse.de - Update to 1.0.13a which is a minor feature/bugfix-release ------------------------------------------------------------------- Sat Oct 5 02:34:37 CEST 2002 - ckm@suse.de - Changed default config file to only allow ro anonymous logins, and tightened security in case writing is enabled. ------------------------------------------------------------------- Sat Aug 3 15:16:27 CEST 2002 - kukuk@suse.de - Remove symlinks in postinstall script - Add PreRequires for insserv ------------------------------------------------------------------- Thu Jul 4 16:59:51 CEST 2002 - kukuk@suse.de - Update to version 1.0.12 (per-user limits) ------------------------------------------------------------------- Fri Apr 26 16:27:00 CEST 2002 - kukuk@suse.de - Update to version 1.0.11 (minor bug fixes, better LDAP support) ------------------------------------------------------------------- Mon Mar 11 09:48:02 CET 2002 - kukuk@suse.de - Fix permissions ------------------------------------------------------------------- Sat Feb 16 21:15:14 CET 2002 - kukuk@suse.de - Fix print arguments [Bug #13389] ------------------------------------------------------------------- Mon Feb 11 18:12:54 CET 2002 - ro@suse.de - flgs in perl-config parser is an array ------------------------------------------------------------------- Thu Jan 24 20:51:42 CET 2002 - kukuk@suse.de - Update to version 1.0.8 - Compile with LDAP support ------------------------------------------------------------------- Thu Nov 29 18:22:20 CET 2001 - kukuk@suse.de - Add pam config file - Cleanup example config file ------------------------------------------------------------------- Thu Nov 22 17:09:45 CET 2001 - kukuk@suse.de - Update to 1.0.3 (rename and quota fixes) ------------------------------------------------------------------- Thu Nov 1 10:51:40 CET 2001 - kukuk@suse.de - Initial release of a secure ftp server with LFS