Friday 11th March 2016
Fedora Project
Cleaned up and rebuilt perl-autobox-dump (20090426.1746) in Rawhide
Cleaned up and rebuilt perl-DateTime-Format-IBeat (0.161) in Rawhide
Cleaned up and rebuilt perl-Test-TinyMocker (0.05) in Rawhide
Updated proftpd to 1.3.5b in F-22, F-23, F-24, rawhide and EPEL-7:
mod_geoip did not load all of the GeoIPTables properly (upstream bug 4187)
"Incorrect string value" reported by mod_sql_mysql for some UTF8 characters (upstream bug 4191)
SSH rekey failed when using RSA host key smaller than 2048 bits (upstream bug 4097)
MLSD/MLST fact type "cdir" is incorrectly used for the current working directory (upstream bug 4198)
HiddenStores temporary files not removed when exceeding quota using SCP (upstream bug 4201)
MLSD lines not properly terminated with CRLF (upstream bug 4202)
Zero-length memory allocation possible, with undefined results (upstream bug 4209)
Avoid unbounded SFTP extended attribute key/values (upstream bug 4210)
Ensure that FTP data transfer commands fail appropriately when "RootRevoke on" is in effect (upstream bug 4212)
Handle FTP re-authentication attempts better (upstream bug 4217)
Permissions on files uploaded via STOU did not honor configured Umask (upstream bug 4223)
Support SFTP clients that send multiple INIT requests (upstream bug 4227)
TLSDHParamFile directive appears ignored because unexpected DH is chosen (upstream bug 4230, CVE-2016-3125)
Local Packages
Updated proftpd to 1.3.5b as per the Fedora version