Fedora Packages

proftpd-utils-1.3.6e-4.el8 in EPEL 8

↵ Return to the main page of proftpd-utils
View build
Search for updates

Package Info (Data from x86_64 build)
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files

Changelog

Date Author Change
2021-09-07 Paul Howarth <paul at city dash fan dot org> - 1.3.6e-4 - Fix memory disclosure to RADIUS servers by mod_radius (#2001690) https://github.com/proftpd/proftpd/issues/1284 https://github.com/proftpd/proftpd/pull/1285
2021-06-29 Paul Howarth <paul at city dash fan dot org> - 1.3.6e-3 - Avoid segfaults with TLSv1.3 https://github.com/proftpd/proftpd/issues/1063 https://github.com/proftpd/proftpd/commit/adf43dd4ddaab0332e74abc86bbcef9cf27ee54a - Use %license unconditionally
2020-11-24 Paul Howarth <paul at city dash fan dot org> - 1.3.6e-2 - Package mod_unique_id (#1901100)
2020-07-21 Paul Howarth <paul at city dash fan dot org> - 1.3.6e-1 - Update to 1.3.6e - Fixed null pointer dereference in mod_sftp when using SCP incorrectly (https://github.com/proftpd/proftpd/issues/1043)
2020-05-31 Paul Howarth <paul at city dash fan dot org> - 1.3.6d-1 - Update to 1.3.6d - Fixed issue with FTPS uploads of large files using TLSv1.3 (https://github.com/proftpd/proftpd/issues/959) - Fixed regression in the handling of '%{env:...}' configuration variables when the environment variable is not present (https://github.com/proftpd/proftpd/issues/857) - Second LIST of the same symlink shows different results (https://github.com/proftpd/proftpd/issues/940) - mod_sftp sends broken response when CREATETIME attribute is requested (https://github.com/proftpd/proftpd/issues/980) - Handle zero-length SFTP WRITE requests without error (http://bugs.proftpd.org/show_bug.cgi?id=4398) - PidFile should not be world-writable (https://github.com/proftpd/proftpd/issues/1018) - TLSv1.3 handshake fails due to missing session ticket key on some systems (https://github.com/proftpd/proftpd/issues/1014) - Lowercased FTP commands not properly identified (https://github.com/proftpd/proftpd/issues/1023)
2020-05-09 Paul Howarth <paul at city dash fan dot org> - 1.3.6c-3 - Avoid duplicate hostname and timestamps in syslog (#1808989) http://bugs.proftpd.org/show_bug.cgi?id=4185 https://github.com/proftpd/proftpd/issues/1002 https://github.com/proftpd/proftpd/pull/1009
2020-04-20 Paul Howarth <paul at city dash fan dot org> - 1.3.6c-2 - Retain a memory pool after an aborted transfer so that the %{transfer-status} LogFormat functionality still works - Own directory %{_sysconfdir}/logrotate.d
2020-02-19 Paul Howarth <paul at city dash fan dot org> - 1.3.6c-1 - Update to 1.3.6c - Use-after-free vulnerability in memory pools during data transfer (CVE-2020-9273, https://github.com/proftpd/proftpd/issues/903) - Fix mod_tls compilation with LibreSSL 2.9.x (https://github.com/proftpd/proftpd/issues/810) - MaxClientsPerUser was not enforced for SFTP logins when mod_digest was enabled (https://github.com/proftpd/proftpd/issues/750) - mod_sftp now handles an OpenSSH-specific private key format; it detects such keys, and logs a hint about reformatting them to a supported format (https://github.com/proftpd/proftpd/issues/793) - Directory listing was slower compared to previous ProFTPD versions (https://github.com/proftpd/proftpd/issues/793) - mod_sftp crashed when using pubkey-auth with DSA keys (https://github.com/proftpd/proftpd/issues/866) - Fix improper handling of TLS CRL lookups (CVE-2019-19269, CVE-2019-19270, https://github.com/proftpd/proftpd/issues/859) - Leaking PAM handler and data in case of unsuccessful authentication (https://github.com/proftpd/proftpd/issues/870) - SSH authentication failed for many clients due to receiving of SSH_MSG_IGNORE packet (http://bugs.proftpd.org/show_bug.cgi?id=4385) - SFTP publickey authentication failed unexpectedly when user had no shadow password info. (https://github.com/proftpd/proftpd/issues/890) - ftpasswd failed to restore password file permissions in some cases (https://github.com/proftpd/proftpd/issues/898) - Out-of-bounds read in mod_cap getstateflags() function; this has been addressed by updating the bundled version of libcap (CVE-2020-9272, https://github.com/proftpd/proftpd/issues/902) Note that this build of ProFTPD uses the system version of libcap and not the bundled version, and is not vulnerable to this issue
2020-01-22 Paul Howarth <paul at city dash fan dot org> - 1.3.6b-3 - Fix API tests compile failure with GCC 10 https://github.com/proftpd/proftpd/pull/886 - mod_sftp: When handling the 'keyboard-interactive' authentication mechanism, as used for (e.g.) PAM, make sure to properly handle DEBUG, IGNORE, DISCONNECT, and UNIMPLEMENTED messages, per RFC 4253 (http://bugs.proftpd.org/show_bug.cgi?id=4385)
2019-11-29 Paul Howarth <paul at city dash fan dot org> - 1.3.6b-2 - Fix handling of CRL lookups by properly using issuer for lookups, and guarding against null pointers (GH#859, GH#861, CVE-2019-19269, CVE-2019-19270)

Provides

  • proftpd-utils
  • proftpd-utils(x86-64)

Files


Sources on Pagure