proftpd security bug 1.3.2

[BuGoFf]

proftpd security bug 1.3.x

http://secunia.com/advisories/42052

Just to let everybody know there is a security risk when using proftpd versions lower than 1.3.3c

 

[ccto]

May I know any 'official' way to update ProFTPd to 1.3.3c under customapache environment?

We have some 'old' server running with CentOS 4 x86 with customapache.

 

[BuGoFf]

Here is how i do it:

Because i only want to upgrade my proftpd version i change the version in the versions.txt and then build it.

cd /usr/local/directadmin/custombuild/

sed -i 's/proftpd\(.*\)$/proftpd:1.3.3c:4f2c554d6273b8145095837913ba9e5d/' versions.txt

./build proftpd

 

[scsi]

cd /usr/local/directadmin/custombuild
./build update
./build clean
./build proftpd d

 

[jasonstr]

Is this the one where a certain module has to be loaded anyway? Or is that a newer one?