Vulnerability Development mailing list archives

Ncftpd < 2.6.2 allows users to change chrooted directory


From: Thiago Madeira de Lima <jungle () STI COM BR>
Date: Tue, 25 Jul 2000 14:53:37 -0300

        Found this bug 2 weeks ago and reported to the author. Now there's a new
version that solves the problem. Everyone using ncftpd < 2.6.2 should
upgrade to ncftpd 2.6.2.

        This bug only works if you use the same UID or GID for more than 1 user.

        Restricted users could access directory paths that were prefixed by the
entire pathname of the home directory and if the user's UID/GID privileges
allowed it.

        For example, a user bill with home directory /home/users/bill may have been
able to access the directory /home/users/billybob if bill's privileges
allowed it.

Thiago Madeira Lima
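
The bill / billybob behaviour described in the message above is what a plain string-prefix comparison against the home directory produces. The C sketch below is an added example, not NcFTPd's code and not part of the original post; the function names are hypothetical, and both checks assume the path has already been canonicalized (absolute, no "..", symlinks resolved).

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Flawed check (assumed shape of the bug): plain string-prefix match.
 * "/home/users/billybob" starts with "/home/users/bill", so it passes. */
bool in_home_prefix_only(const char *home, const char *path)
{
    return strncmp(path, home, strlen(home)) == 0;
}

/* Hardened check: the match must end on a path-component boundary,
 * i.e. the next character is end-of-string or '/'. */
bool in_home_component(const char *home, const char *path)
{
    size_t n = strlen(home);

    /* Ignore trailing slashes on the home directory, but keep "/" itself. */
    while (n > 1 && home[n - 1] == '/')
        n--;
    if (strncmp(path, home, n) != 0)
        return false;
    if (n == 1 && home[0] == '/')
        return true;   /* home is the root: every absolute path is inside */
    return path[n] == '\0' || path[n] == '/';
}

int main(void)
{
    const char *home = "/home/users/bill";
    /* Constructed sample paths, taken from the example in the post. */
    const char *paths[] = {
        "/home/users/bill",
        "/home/users/bill/pub/file.txt",
        "/home/users/billybob",
        "/home/users",
    };

    for (size_t i = 0; i < sizeof paths / sizeof paths[0]; i++)
        printf("%-32s prefix-only=%d component=%d\n", paths[i],
               in_home_prefix_only(home, paths[i]),
               in_home_component(home, paths[i]));
    return 0;
}
```

The component-aware check is only a second line of defence: giving each restricted user a distinct UID/GID removes the filesystem permission that the post names as the other precondition.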

