You can subscribe to this list here.
2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
2004 |
Jan
(1) |
Feb
(6) |
Mar
(1) |
Apr
(2) |
May
(2) |
Jun
|
Jul
(1) |
Aug
(1) |
Sep
(1) |
Oct
(2) |
Nov
|
Dec
(1) |
2005 |
Jan
|
Feb
(1) |
Mar
(1) |
Apr
(1) |
May
(1) |
Jun
|
Jul
(1) |
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
(1) |
2006 |
Jan
(1) |
Feb
|
Mar
(1) |
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
(1) |
Sep
(6) |
Oct
(5) |
Nov
(3) |
Dec
(4) |
2007 |
Jan
(2) |
Feb
(4) |
Mar
|
Apr
|
May
|
Jun
|
Jul
(3) |
Aug
(1) |
Sep
|
Oct
(1) |
Nov
|
Dec
|
2008 |
Jan
|
Feb
|
Mar
(2) |
Apr
(1) |
May
(2) |
Jun
(5) |
Jul
(4) |
Aug
(1) |
Sep
(6) |
Oct
(5) |
Nov
(24) |
Dec
(25) |
2009 |
Jan
(14) |
Feb
(17) |
Mar
(7) |
Apr
(20) |
May
(44) |
Jun
(19) |
Jul
(26) |
Aug
(9) |
Sep
(2) |
Oct
|
Nov
|
Dec
(10) |
2010 |
Jan
(4) |
Feb
(4) |
Mar
(1) |
Apr
|
May
(2) |
Jun
|
Jul
(4) |
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
2015 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
|
From: pollux <po...@wz...> - 2006-03-24 14:45:18
|
Here we are, yet another release. Not a lot of changes, mainly a consolidation of the existing features, and a removal of the deprecated/dead code. Enable IPv6 and MLSD by default, add new options to reject users at connection time. There were improvements in the Zeroconf support, events, custom commands, unit tests, and several bugs were fixed. Lots of deprecated or unsafe code was removed, including the support for the previous config file format and for old backends. /P Attachment #1: diffstat Attachment #2: changelog since 0.6.0 |
From: pollux <po...@wz...> - 2006-01-16 14:44:25
|
This is a bugfixes-only release (except a small update of the zeroconf module). Several problems with syslog, SFV module, custom commands and TLS support were fixed, and debug events are no more logged. Some options have been added to disable MySQL/PostgreSQL support during configure. Get it now on sourceforge. Packages and installer will be uploaded when ready. Attachment #1: diffstat Attachment #2: changelog since 0.6.0 /P |
From: pollux <po...@wz...> - 2005-12-27 20:40:09
|
The "Ho-ho-ho" release Major update: config file changed, multiple IPv4 and IPv6 binds, zeroconf support, multiples fixes in GnuTLS, cookies, permissions, and server replies. IPv6 code was also greatly improved. This version will *not* bring new killer features, it will prepare the architecture of the server to be ready for major updates in the next versions. The code is being cleaned up, and some errors of conception have been fixed (painfully !). The size of changelog and diffstat files can give you an idea of the amount of work done. Changes: * OpenSSL vs GnuTLS: gnutls problems should be fixed now, so it can fully replace openssl * UTF-8 is now enabled by default * Misc problems in commands: RETR, MKDIR, EPRT, SITE PERMS, READD * A timestamp is added to log entries * New option to disable ident lookups in server * New option to disable SSL (even if compiled in) * Zeroconf support (experimental) /P Attachment #1: diffstat Attachment #2: changelog since 0.5.0 |
From: pollux <po...@wz...> - 2005-09-26 09:44:11
|
Date: 26/09/2005 Topic: unsecure use of popen() in wzdftpd <= 0.5.4 Systems affected: wzdftpd 0.5.4 and prior wzdftpd-cvs: source prior to September 26, 2005 Platforms: all Severity: high to critical (remote exploitation possible) Description: wzdftpd offers the possibility to extend site commands by adding custom site commands in configuration file. Some of these commands may be executed using the popen() function, without the necessary checks. This can be exploited by a remote attacker to execute commands as the user running wzdftpd on the server, usually user 'ftp' but it can be root on some systems. The severity is not set to critical since this does not affect the default configuration, as no custom site command is provided. Solution: Temporarily disable any custom site command in the configuration file (directives: cscript and site_cmd) and patch the server with the attached patch (or upgrade to the shortcoming 0.5.5 version). The wzdftpd team. |
From: pollux <po...@wz...> - 2005-07-09 13:53:42
|
Better error logging, new log system based on channels. Important changes on MySQL backend (all tables renamed), see UPGRADING file for instructions. Problems fixed: GnuTLS errors, uid problems in MySQL backend, thread-safe problems, crontab. Work will now be focused on reorganizing files and directories. The new features we obtained by converting the project to subversion will allow us to rename files and directories without losing the history. /P Attachment #1: diffstat Attachment #2: changelog since 0.5.3 -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2005-05-19 18:57:29
|
New backend using PostgreSQL to store users. A new site command (SECTIONS) was added to list sections, and several bugs were fixed in the MySQL backend. UTF-8 support was also improved. Current priority is now the migration to subversion, meaning that the CVS repository will be read-only in a first step, and removed after. /P Attachment #1: diffstat Attachment #2: changelog since 0.5.2 -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2005-04-18 09:44:51
|
Fixed several problems with mkdir, cwd and custom site commands. Windows installer was also improved, and icons were added. /P Attachment #1: diffstat Attachment #2: changelog since 0.5.1 -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2005-03-08 14:33:49
|
Fixed problems with configuration (pasv_ip, site_cmd not working, max_ul and max_dl not saved for groups). A memory leak has been fixed after client log out. chown, chgrp and chmod has been added to perl and tcl modules, as well as a log for perl. An incompatibility between OpenSSL and GnuTLS is also probably solved. Some unit tests have also been added to the project. /P Attachment #1: diffstat Attachment #2: changelog since 0.5.0 -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2005-02-21 20:31:53
|
Finally, 0.5.0 is out, and with many changes: * no more shared memory ! (and associated error messages ), * the mysql backend is fully working, * no more limitations on numbers of users/groups, * big efforts made on security, * new authentication library to unify methods: crypt, md5, pam, SSL certif= icates, etc, * new library to send commands from other programs, * perl backend in development, * new memory model with hash tables to get faster access to data and impro= ve speed, * many new commands: site vars, vars_user, vars_group, killpath, etc, * GnuTLS support, * new commands: SSCN, CPSV, HELP (secure FXP), * new events: file delection, * and many, many bugfixes. Attachment #1: diffstat Attachment #2: changelog since 0.4.0 /P --=20 In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\=20 // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ //=20 |
From: pollux <po...@cp...> - 2004-12-07 10:22:15
|
Fixed problems with symbolic links, permissions (delete) and LIST command. Some new variables for server for passive range and speed limits; changing max speed for users/groups/server is now applied immediatly. The 'perms' field is now effective for users, allowing a finer control on authorized commands. A new wiki have also been installed to manage documentation: http://www.wzdftpd.net/twiki/bin/view/WzdftpdDocs/WzdftpdDocumentation Attachment #1: diffstat Attachment #2: changelog since 0.4.3 /P -- In /dev/null no one can here you scream ! // Pollux <po...@cp...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-10-28 12:33:30
|
Things are getting better, but several problems were identified, some of them could crash the server of corrupt data. NB: ids for fixed bugs are relative to the bug tracker: http://www.wzdftpd.net/mantis/ A new wiki have also been installed to manage documentation: http://www.wzdftpd.net/twiki/bin/view/WzdftpdDocs/WzdftpdDocumentation Attachment #1: diffstat Attachment #2: changelog since 0.4.2 /P -- In /dev/null no one can here you scream ! // Pollux <po...@cp...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@cp...> - 2004-10-05 08:00:00
|
Again, bugfixes. Problems were detected and fixed on permissions, gadmins, groups, and paths on windows. NB: ids for fixed bugs are relative to the bug tracker here: http://www.wzdftpd.net/mantis/ Attachment #1: diffstat Attachment #2: changelog since 0.4.1 /P -- In /dev/null no one can here you scream ! // Pollux <po...@cp...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-09-16 15:47:41
|
Bugfixes ! The previous rewrite of users management has broken many things, so this release should make the server usable again. Attachment #1: diffstat Attachment #2: changelog since 0.4.0 /P -- In /dev/null no one can here you scream ! // Pollux <po...@cp...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-08-26 17:06:17
|
Many features / parts rewritten: * Permissions are now displayed correctly on LIST * users and groups management has been rewritten * uid/gid are now used, so must be set correctly * big speed enhancement * IP addresses does no more need prefixes (+ and -) * TCL module updated * Many new cookies * Improved events Major features: * new commands: STAT * Perl module Work in Progress (not fully working yet): * UTF-8 support * MySQL backend * config file management Bugfixes: Too many to be listed here ! (see ChangeLog) Get it now on sourceforge. Packages and installer will be uploaded when ready. Attachment #1: diffstat Attachment #2: changelog since 0.3 /P -- In /dev/null no one can here you scream ! // Pollux <po...@cp...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-07-01 11:35:13
|
This release does NOT brgin any new feature, it is only intended for users of the 0.3.x serie. If you want new features or up to date version, please give a look to the daily version. * misc compilation problems (SSL flags, some typos) * randomization of PASV ports to fix FXP problems with glftpd * SFV module is case-sensitive on windows * many fixes in TCL module * ditto for custom site commands * windows installer improvements Some bugs with high importance: * file handle not closed after FXP (closes #954477) * force socket close on win32 * various memory leaks Get it now on sourceforge. Packages and installer will be uploaded when ready. Attachment #1: diffstat Attachment #2: changelog since 0.3.2 /P -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: <ben...@id...> - 2004-05-25 08:32:37
|
Dear Open Source developer I am doing a research project on "Fun and Software Development" in which I kindly invite you to participate. You will find the online survey under http://fasd.ethz.ch/qsf/. The questionnaire consists of 53 questions and you will need about 15 minutes to complete it. With the FASD project (Fun and Software Development) we want to define the motivational significance of fun when software developers decide to engage in Open Source projects. What is special about our research project is that a similar survey is planned with software developers in commercial firms. This procedure allows the immediate comparison between the involved individuals and the conditions of production of these two development models. Thus we hope to obtain substantial new insights to the phenomenon of Open Source Development. With many thanks for your participation, Benno Luthiger PS: The results of the survey will be published under http://www.isu.unizh.ch/fuehrung/blprojects/FASD/. We have set up the mailing list fa...@we... for this study. Please see http://fasd.ethz.ch/qsf/mailinglist_en.html for registration to this mailing list. _______________________________________________________________________ Benno Luthiger Swiss Federal Institute of Technology Zurich 8092 Zurich Mail: benno.luthiger(at)id.ethz.ch _______________________________________________________________________ |
From: pollux <po...@wz...> - 2004-05-01 15:25:39
|
As usual now, some bugfixes: * log file empty on win32 (except if forcing use_syslog = 0) * user can now see its own home But the big part is the addition of some new features: * tcl: command putlog * new command STAT to provide a fast way to list dir * group tagline, cookie %grouptag * do not search UTF-8 by default in configure And finally some new cookies to access transfered files infos: * %lastfile{name,size,speed,time} Get it now on sourceforge. Packages and installer will be uploaded when ready. Attachment #1: diffstat Attachment #2: changelog since 0.3.1 /P -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-04-27 09:07:22
|
This release bring some new bugfixes: * a minor security problem where ip addresses where shown or not quite randomly on SITE WHO and associates, the only risk was to show an ip that should have been hidden; * server will give more error messages on start failure, especially on two cases: can't bind to port given in config file, and can't open pid file; * paths to log and config files have changed - this can lead to problems if you upgrade; * some other bugfixes. Attachment #1: diffstat Attachment #2: changelog since 0.3.1 /P -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-04-15 20:07:27
|
Many bugfixes and improvements, and some new features: * integration as a service on win32 platforms * symbolic links * new module: tcl * new backends for authentication: pam and mysql (Work in Progress) * new cookies * new SITE commands * tons of bugfixes on global behaviour, crashes, etc. Attachements: diffstat and changelog since 0.2 /P -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: Andrew L. <al...@xm...> - 2004-03-09 07:25:49
|
Hi all, I installed WZDFTPd on a Windows 2000 server as a replacement for IIS's FTPd after that flaked out for no good reason and I couldn't find out why/how to fix. :) After initially being a bit dof with the program, I got things back up and running, and now I'm being dof again. :( Problem is, I have a user (in their own private group), who can't replace files that were uploaded prior to the swap to WZDFTPd. These files were owned by the NT account specific to this user, so I recursively 'chown'd' (in terms of clicking about in explorer) the whole tree to the Administrators user, which is who is owning all the newly-uploaded files. Within WZD, the old files still show as being owned by nobody:ftp and the new by user:ftp. I can run the site chown command with relative and full paths and it doesn't seem to do anything. :( What to do? -AL. |
From: pollux <po...@wz...> - 2004-02-18 13:14:34
|
This release fixes problems from version 0.2.2 Stability was improved for all versions (including windows), and a special effort was made to increase security. Upgrade is more than ever suggested for all users. Attachment #1: diffstat on changes Attachment #2: changelog since 0.2.2 /P -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-02-15 19:52:53
|
This release fixes a possible buffer overflow, that can be exploited by a malicious user to execute arbitrary code. This problem is platform independant, so all users should upgrade quickly ! Acknowledgements: thanks to the ecl-il team for reporting us the problem, and providing many usefull informations. Attachment #1: diffstat on changes Attachment #2: changelog since 0.2.1 /P -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-02-13 14:08:06
|
This release is mainly a bugfix one, for 0.2 users. Several problems on FreeBSD were fixed (some leading to server crash). An important bug causing uploaded files to be corrupted on windows was also corrected (closes: bug #885559) Upgrade strongly suggested ! Attachment #1: diffstat on changes Attachment #2: changelog since 0.2 /P -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: pollux <po...@wz...> - 2004-02-11 16:13:02
|
Hi, Chris Lount offered his help to create rpm packages, they are uploaded on sourceforge: https://sourceforge.net/project/showfiles.php?group_id=78247 Thanks to him for his work. Note: they are compiled with IPv6 support Debian packages were also updated to solve a dependancy problem (dpkg does not seem to like version numbers on virtual packages), available at the same url. Debian packages are currently created on my box, i'll try to use another because I'm using an up-to-date debian unstable, it could create deps problems. Thanks to Roman Bogorodskiy for providing the FreeBSD port & package, they are accessible on the same page, look at notes for more infos on how to install. /P -- In /dev/null no one can here you scream ! // Pollux <po...@wz...> \\ // \\ \\ Creator of wzdftpd -- http://www.wzdftpd.net // \\ // |
From: Roman B. <bog...@in...> - 2004-02-11 14:46:18
|
I wrote: >skipped< Sorry, I forgot to attach the port -Roman Bogorodskiy |