Monday 22nd May 2017
Fedora Project
Updated perl-Exporter-Tiny to 1.000000 in F-26 and Rawhide:
- Repackage as 1.000000
Updated perltidy to 20170521 in F-24, F-25, F-26 and Rawhide:
Includes fix for CVE-2016-10374: Uses current working directory without symlink-attack protection
See CHANGES for details of other bug fixes and enhancements
Updated proftpd to 1.3.6 in F-26 and Rawhide (see NEWS for details):
- Also:
Updated mod_vroot to 0.9.5 (API compatibility with 1.3.6)
Added upstream fixes for flaky API tests (GH#483, GH#510, GH#514)
Added functionality to disable external network tests (GH#497)
AllowChrootSymlinks off could cause login failures depending on filesystem permissions: use the IDs of the logging-in user to perform the directory walk, looking for symlinks, to be more consistent with similar checks done during login (Bug #1443507, upstream bug 4306)
- Updated template TLS configuration
Disabled PCRE support for now as JIT compiler has SELinux issues (PCRE Bug #1749)
Updated proftpd.service to use Type=simple rather than Type=forking (GH#506)
Removed redundant bind() to controls socket (GH#501)
Fixed similars functionality and unit test (GH#513)
Local Packages
Updated perl-Exporter-Tiny to 1.000000 as per the Fedora version
Updated perl-Params-Classify (0.013) to fix compatibility with Perl 5.26.0 (CPAN RT#114490)
Updated perl-Perl-Tidy to 20170521 as per the Fedora perltidy package
Updated proftpd to 1.3.6 as per the Fedora version