The OES Netware add-ons in pure-ftpd had a security problem
and some bugs, which are fixed by this update.
A local attacker could overwrite local files when the OES
remote server feature of pure-ftpd is enabled due to a
directory traversal. ( CVE-2011-3171)
Additionally the following bugs have been fixed:
- bnc#699300 - FTP remote server navigation does not
always succeed
- bnc#685447 - pure-ftpd does not throw an error when
the name resolution fails during remote server navigation
- bnc#700335 - put files into NCP volumes fails
- bnc#703035 - remote_server feature opens a
vulnerability with directory traversal & file overwriting