8 Commits

Author SHA1 Message Date
Catalin Enache 959b617fbc proftpd: CVE-2016-3125
The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before
1.3.6rc2 does not properly handle the TLSDHParamFile directive,
which might cause a weaker than intended Diffie-Hellman (DH) key
to be used and consequently allow attackers to have unspecified
impact via unknown vectors.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3125

Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2016-05-09 19:05:02 -07:00
Roy Li de5d7d91ba proftpd: add systemd support
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2015-02-11 21:25:41 -05:00
Armin Kuster f2833950be proftpd: update to 1.3.5
dropped proftpd-sftp.patch as it is included in update.
combined make.patch, move-pidfile-to-var-run.patch, move-runfile-to-var-run.patch into
build_fixup

Added several packagesconfig options (too much eggnog)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2014-12-29 14:51:53 -05:00
Hongxu Jia af971abbf0 proftpd: fix integer overflow CVE-2013-4359
Integrate a patch from proftpd upstream to fix an integer overflow bug
described in the CVE-2013-4359, which allows remote attachers to cause
a denial of service (memory consumption) attack.

Refer: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4359

Signed-off-by: Shan Hai <shan.hai@windriver.com>

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2014-09-26 05:41:52 +02:00
Roy Li 3ffe8dbceb proftpd: move the runing created file under /var/run
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Acked-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2014-02-12 20:09:26 -05:00
Roy Li ac3a5d4301 proftpd: use /bin/false as the login shell and add home-dir
Use /bin/false as the login shell, just like what Ubuntu does,
otherwise there might be secure issue; add /var/lib/ftp as user
ftp home-dir.

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2013-12-09 16:17:44 -05:00
Roy Li 9b3e284c58 proftpd: move pidfile from /var/ to /var/run/
/var/run/ is more suitable to store pidfile for OE, and this fixes
"/etc/init.d/proftpd stop" failure too, since this script assumes
the pidfile is under /var/run

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2013-11-27 15:27:36 -05:00
Paul Eggleton 3d851fe4ce proftpd: add from meta-baryon
This was originally from OE-Classic. Improvements over the OE-Classic
recipe for reference:

* Update to 1.3.4b
* Add workaround for proftpd host IP resolution
* Add initscript, borrowed from Debian with some modifications for
  compatibility and handling for hardcoded paths
* Use autotools.bbclass and remove unnecessary configure options
* PARALLEL_MAKE = "" is no longer needed, the bug was fixed in 1.3.3c
* Set SUMMARY (which sets DESCRIPTION) and base it on the short
  description from the website
* Use useradd.bbclass to add ftp user/group
* Add HOMEPAGE
* Add/fix description in some patches and improve recipe indentation
* Make LICENSE more accurate
* Add LIC_FILES_CHKSUM

Some of this work was done by Dexuan Cui <dexuan.cui@intel.com> and
Kevin Strasser <kevin.strasser@linux.intel.com>.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2012-11-27 14:43:59 -05:00