#13165 closed enhancement (fixed)

proftpd-1.3.6c

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 9.1
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New nano version.

Change History (3)

comment:1 by Bruce Dubbs, 17 months ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 17 months ago

1.3.6c

  • Issue 810 - mod_tls does not compile with LibreSSL 2.9.x.
  • Issue 750 - MaxClientsPerUser not enforced for SFTP logins when mod_digest enabled.
  • Issue 793 - mod_sftp does not support OpenSSH-specific private key format. Now mod_sftp detects such keys, and logs a hint about reformatting them to a supported format.
  • Issue 863 - Directory listing is slower compared to previous ProFTPD versions.
  • Issue 866 - mod_sftp crashes when using pubkey-auth with DSA keys.
  • Issue 859 - Improper handling of TLS CRL lookups.
  • Issue 870 - Leaking PAM handler and data in case of unsuccessful authentication.
  • Bug 4385 - SSH authentication fails for many clients due to receiving of SSH_MSG_IGNORE packet.
  • Issue 890 - SFTP publickey authentication fails unexpectedly when user has no shadow password info.
  • Issue 898 - ftpasswd fails to restore password file permissions in some cases.
  • Issue 903 - Use-after-free vulnerability in memory pools during data transfer.
  • Issue 902 - Out-of-bounds read in mod_cap getstateflags() function. This has been addressed by updating the bundled version of libcap.

comment:3 by Bruce Dubbs, 17 months ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 22730.

Note: See TracTickets for help on using tickets.