UbuntuUpdates.org

Package "pure-ftpd-ldap"

Name: pure-ftpd-ldap

Description:

Secure and efficient FTP server with LDAP user authentication

Latest version: 1.0.36-1.1ubuntu0.1
Release: trusty (14.04)
Level: security
Repository: universe
Head package: pure-ftpd
Homepage: http://www.pureftpd.org/

Links


Download "pure-ftpd-ldap"


Other versions of "pure-ftpd-ldap" in Trusty

Repository Area Version
base universe 1.0.36-1.1
updates universe 1.0.36-1.1ubuntu0.1

Changelog

Version: 1.0.36-1.1ubuntu0.1 2016-05-31 15:06:44 UTC

  pure-ftpd (1.0.36-1.1ubuntu0.1) trusty-security; urgency=low

  * SECURITY-UPDATE: SSLv3 is enabled by default allowing the POODLE
    attack (LP: #1381840)
    - debian/pure-ftpd-wrapper: enable loading of TLSCipherSuite parameter
    - debian/etc/TLSCipherSuite: disable SSLv3
    - CVE-2014-3566

 -- Joshua Zeitlinger <email address hidden> Sat, 28 May 2016 19:50:18 -0400

1381840 Wrapper doesn't include TLSCipherSuite
CVE-2014-3566 The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-m



About   -   Send Feedback to @ubuntu_updates