--------------------------------------------------------------------------
  Turbolinux Security Advisory TLSA-2002-35
  http://www/turbolinux.co.jp/security/
                                            security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Proftpd

Service stop of FTP server

   Release date : 2002-06-25

   Solution: package : proftpd-1.2.5-3

   Problem
    There is a possibility of unuauthorized user making specification command 
to the resource of the CPU and memory.

   Solution:
    Please verify version and execute the command below.

    # rpm -qa | grep package name

    When problem corresponds, please download the update package. Do the update  by the using the command below.
    Furthermore, please execute the package number which corresponds to your version number. Without starting a new paragraph, please enter the "\ " Bunchu sign.

    Execution example
    ---------------------------------------------------------------------
    # rpm -Fvh Package-1.0.0-1.i586.rpm \
    Package-doc-1.0.0-1.i586.rpm \
    Package-devel-1.0.0-1.i586.rpm

    The case where rpm command is executed, please enter as follows on the command line.

    # rpm -Fvh package-1.0.0-1.i586.rpm package-doc-1.0.0-1.i586.rpm package-devel-1.0.0-1.i586.rpm
    ---------------------------------------------------------------------

    < Turbolinux 8 Workstation >

    * Correspondence to be completed

    < Turbolinux 7 Server >
    < Turbolinux 7 Workstation >
    # rpm -Fvh proftpd-1.2.5-3.i586.rpm

    < Turbolinux Server 6.5 >
    # rpm -Fvh proftpd-1.2.5-3.i386.rpm

    < Turbolinux Advanced Server 6 >
    < Turbolinux Server 6.1 >
    < Turbolinux Workstation 6.0 >
    < Turbolinux Server 6.0 >

    * To adopt the wu-ftpd in the FTP server, it is not necessary to update.

Package updates: http://www.turbolinux.co.jp/update/