#acl PaulHowarth:read,write,admin,revert,delete All:read

=== Thursday 10th November 2011 ===

==== Fedora Project ====

 * Updated `proftpd` to 1.3.4 in F-15, F-16 and Rawhide:
  * ProFTPD with `mod_sql_mysql` dies of "Alarm clock" on FreeBSD ([[ProftpdBugzilla:3702|bug 3702]])
  * `mod_sql_mysql.so: undefined symbol: make_scrambled_password` with MySQL 5.5 on Fedora ([[ProftpdBugzilla:3669|bug 3669]])
  * `PQescapeStringConn()` needs a better check ([[ProftpdBugzilla:3192|bug 3192]])
  * Enable OpenSSL countermeasure against SSLv3/TLSv1 BEAST attacks ([[ProftpdBugzilla:3704|bug 3704]]); to disable this countermeasure, which may cause interoperability issues with some clients, use the `NoEmptyFragments` `TLSOption`
  * Support `SFTPOption` for ignoring requests to modify timestamps ([[ProftpdBugzilla:3706|bug 3706]])
  * RPM build on CentOS 5.5 (64bit): "`File not found by glob`" ([[ProftpdBugzilla:3640|bug 3640]])
  * Response pool use-after-free memory corruption error ([[ProftpdBugzilla:3711|bug 3711]], [[RedHatBugzilla:752812|Fedora Bug#752812]], ZDI-CAN-1420, [[CVE:2011-4130|CVE-2011-4130]])
 * Updated `proftpd` to 1.3.3g in F-14, EPEL-4, EPEL-5 and EPEL-6:
  * ProFTPD with `mod_sql_mysql` dies of "Alarm clock" on FreeBSD ([[ProftpdBugzilla:3702|bug 3702]])
  * Enable OpenSSL countermeasure against SSLv3/TLSv1 BEAST attacks ([[ProftpdBugzilla:3704|bug 3704]]); to disable this countermeasure, which may cause interoperability issues with some clients, use the `NoEmptyFragments` `TLSOption`
  * Response pool use-after-free memory corruption error ([[ProftpdBugzilla:3711|bug 3711]], [[RedHatBugzilla:752812|Fedora Bug#752812]], ZDI-CAN-1420, [[CVE:2011-4130|CVE-2011-4130]])

==== Local Packages ====

 * Updated `proftpd` to 1.3.4 as per the Fedora F-15, F-16 and Rawhide packages

----