Fedora 20 Update: proftpd-1.3.4e-1.fc20
updates at fedoraproject.org
updates at fedoraproject.org
Wed Feb 25 13:24:44 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-2120
2015-02-17 04:43:25
--------------------------------------------------------------------------------
Name : proftpd
Product : Fedora 20
Version : 1.3.4e
Release : 1.fc20
URL : http://www.proftpd.org/
Summary : Flexible, stable and highly-configurable FTP server
Description :
ProFTPD is an enhanced FTP server with a focus toward simplicity, security,
and ease of configuration. It features a very Apache-like configuration
syntax, and a highly customizable server infrastructure, including support for
multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory
visibility.
This package defaults to the standalone behavior of ProFTPD, but all the
needed scripts to have it run by xinetd instead are included.
--------------------------------------------------------------------------------
Update Information:
This is an update to the last maintenance release of the 1.3.4 series from upstream.
There is also a fix to the configuration file for the anonymous upload directory operation when mod_vroot is being used.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 16 2015 Paul Howarth <paul at city-fan.org> - 1.3.4e-1
- Update to 1.3.4e
- Fixed numerous upstream-reported bugs:
- Spurious log messages at session close (bug 3945)
- LogFormat %f variable not resolved properly for SFTP renames (bug 3947)
- mod_delay allows too-large values, leading to client hang on
authentication (bug 3858)
- Null pointer dereference for mod_ldap logins when LDAPDefaultAuthScheme
not configured (bug 3951)
- scp downloads result in segfault (bug 3954)
- ProFTPD configuration with thousands of <Directory>/<Limit> sections
leads to slow logins (bug 3957)
- mod_sftp does not honor <Directory>/<Limit> sections when symlinks are
involved (bug 3959)
- Directory creation does not honor single-parameter Umask setting
(bug 3958)
- Directory creation fails (chmod(2) EPERM) when root privs are used in
some cases (bug 3962)
- Authentication error on Cygwin due to bad code (bug 3972)
- mod_sftp can be forced to allocate too much memory for
keyboard-interactive authentication (bug 3973, CVE-2013-4359)
- PathDenyFilter directive does not work as expected for SFTP sessions
(bug 3974)
- Improve permission setting when creating directories (bug 3963)
- Null pointer dereference in mod_exec with ExecOption useStdin (bug 3981)
- Support filesystems that do not support chmod(2)/chown(2), e.g. FAT/ExFAT
(bug 3986)
- SSL session caching modules use incorrect OpenSSL cache mode flags,
breaking session caching (bug 3991)
- ProFTPD should not use fd 2 (stderr) for files (bug 3970)
- RSA signature issue when connecting using PuTTY/WinSCP (bug 3992)
- mod_sftp fails key exchange for 8192-bit DH group (bug 4001)
- IgnoreSCPUploadPerms SFTPOption not honored properly for SCP directory
upload (bug 4004)
- RADIUS "service-type" attribute encoded with wrong length on 64-bit
system (bug 4006)
- SCP upload of shorter file does not completely overwrite existing file of
same name (bug 4013)
- "Directory not empty" error when creating directory is misleading
(bug 4022)
- Restarting proftpd with mod_sftp fails due to permissions on SFTPHostKey
file (bug 4032)
- SSH publickey authentication fails with "MaxLoginAttempts 1" (bug 4034)
- ALLO command failed because of bad size check (bug 4046)
- Race condition in mod_ban can lead to segfault of all new connections
(bug 4048)
- MIC command between RNFR and RNTO should not be rejected (bug 4042)
- mod_facl prevents a normal SIGHUP reload (bug 4044)
- Drop patches for issues resolved in new upstream release
- Anonymous upload directory specification needs to be slightly different if
mod_vroot is in use (#1045922)
http://sourceforge.net/p/proftp/mailman/message/31728570/
- Backport some changes from upstream's 1.3.5 release to get the API tests to
build
- Use %license where possible
* Fri Dec 20 2013 Paul Howarth <paul at city-fan.org> 1.3.4d-5
- Fix support for 8192-bit DH parameters (#1044586)
- Add 3072-bit and 7680-bit DH parameters (upstream bug 4002)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1045922 - Known bug with the anonymous FTP upload directory, with a workaround
https://bugzilla.redhat.com/show_bug.cgi?id=1045922
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update proftpd' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list