psa-proftpd-1.3.3d update?

[Michael Wa.]

Hi,
when will psa-proftpd-1.3.3d be available for Plesk 10 ?

Thanks
Michael

 

[littlefrog]

why do you ask... are you having a problem with proftpd or just wondering about new updates?

 

[Michael Wa.]

because security metrics claims about the older version. And if proftp will be updated soon, I don't need to update it by myself.

M.

 

[littlefrog]

security metrix are terrible people to deal with.

Have you tried running the pci compliancy script thats in PP10 now?

FTP was not on the list of things security metrics found when scanning me 2 weeks ago.

 

[Michael Wa.]

yes I know its terrible. Its always a payne as they do not recognize that most of their "security holes" are already fixed by RedHat even if the version number is lower than the actual one. (eg. open-ssh)

However they claim that I have to update to the latest version and we are on psa-proftpd-1.3.3c
Maybe your test will fail as well when you do a new test. Our test was just 6 days ago.

We did try the script but it did not help with some ciphers so we are not going to use it again.

Michael

 

[atomicturtle]

psa-proftpd 1.3.3d is available from the atomic repo. You can install it with:

wget -q -O - http://www.atomicorp.com/installers/atomic |sh

yum upgrade psa-proftpd

Added features in this are RBL, SFTP, and Clamav support

 

[Michael Wa.]

thank you. just updated to the latest version with the atomic rep.

cheers

 

[pumphouse creative]

upgrade reporting correct version?

I'm attempting to upgrade via the atomic repo, but something isn't working for me. I'm hoping for a little help!

Here's the upgrade command:
yum upgrade psa-proftpd
Loaded plugins: rhnplugin, security
Skipping security plugin, no data
Setting up Upgrade Process
No Packages marked for Update

When I list packages:
yum list psa-proftpd
Loaded plugins: rhnplugin, security
Installed Packages
psa-proftpd.i386 1.3.4a-1.el5.art installed

HOWEVER when I check Proftpd version number:
proftpd -v
ProFTPD Version 1.3.2e

Is proftpd -v reporting the wrong version number? This is a stock Plesk 9.5.4 install, and AFAIK all of the proftpd files are in their default directories, so I don't think that I have both versions installed.

Any help greatly appreciated!

Scott