New version due to a security flaw. See proftpd.org or the ChangeLog for more details.

1 files changed, 11 insertions, 1 deletions

diff --git a/net-ftp/proftpd/ChangeLog b/net-ftp/proftpd/ChangeLog
index 2d21359547f4..8a706ab4f0a3 100644
--- a/net-ftp/proftpd/ChangeLog
+++ b/net-ftp/proftpd/ChangeLog
@@ -1,6 +1,16 @@
 # ChangeLog for net-ftp/proftpd
 # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.62 2004/06/05 17:21:10 kloeri Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.63 2004/06/08 06:17:39 raker Exp $
+
+*proftpd-1.2.10_rc1 (08 Jun 2004)
+
+  08 Jun 2004; Nick Hadaway <raker@gentoo.org> proftpd-1.2.10_rc1.ebuild :
+  Important security fixes.  From proftpd.org:  Additionally a flaw in 
+  the CIDRACL code has been discovered which can lead to an escalation in 
+  access rights within the ftp site. This flaw affects all versions up to 
+  and including 1.2.9, it has been fixed in cvs and 1.2.10rc1. To avoid 
+  the flaw do not use CIDR based ACLs on vulnerable versions or use 
+  mod_wrap and /etc/hosts.allow|deny.
 
   05 Jun 2004; Bryan Østergaard <kloeri@gentoo.org> proftpd-1.2.9-r2.ebuild:
   Stable on alpha.