proftpd-1.3.6

[bdubbs@…]

New point version.

[bdubbs@…]

1.3.6 - Released 09-Apr-2017

• Bug 4284 - SITE UTIME not working with group permissions.
• Bug 4289 - LDAPSearchScope does not alter search scope as expected. When the LDAPServer directive is used with LDAP URLs, the LDAPSearchScope should not be used; the handler was failing to handle this case properly.
• Bug 4285 - In AIX, log failed logins so that user accounts can be locked by the OS after multiple failed login attempts.
• Added mod_wrap2_redis to the contrib/ modules directory.
• Bug 4295 - AllowChrootSymlinks off does not check entire DefaultRoot path for symlinks (CVE-2017-7418).
• Bug 4299 - TimeoutLogin not working for SFTP connections.

1.3.6rc4 - Released 15-Jan-2017

• Bug 4283 - All FTP logins treated as anonymous logins again. This is a regression of Bug#3307.

1.3.6rc3 - Released 14-Jan-2017

• Bug 4222 - Add support for curve25519-sha256@… key exchange.
• Bug 4186 - ProFTPD creates name-based vhost when it should not.
• Bug 4233 - Support enforcing minimum key lengths for SFTP/SCP.
• Bug 4235 - Recursive SCP uploads of directories fail with "No such file or directory".
• Bug 4154 - Support for scrypt in mod_sql_passwd. This also includes support for Argon2, assuming use of libsodium-1.0.9 or later.
• Bug 4237 - Corrupted ASCII uploads. The refactoring work for Bug#4151 had introduced a bug in the handling of ASCII uploads, now fixed.
• Bug 4220 - Support reading geoip filters from SQL databases.
• Bug 4242 - Using mod_memcache results in segfault (signal 11). Caused by a bug in libmemcached-1.0.18 and earlier.
• Bug 4244 - Long-running sessions consume memory continuously.
• Bug 4248 - ALLO command failed unexpectedly.
• Bug 4247 - ProFTPD runs out of memory when listing very large directories (e.g. over 400GB).
• Bug 4254 - SSH rekey during authentication can cause issues with clients.
• Bug 4257 - Recursive SCP uploads of multiple directories not handled properly.
• Bug 4252 - Clients sometimes receive extra 450 response on ABOR.
• Bug 4259 - LIST returns different results for file, depending on path syntax.
• Bug 4255 - "AuthAliasOnly on" in server config breaks anonymous logins.
• Bug 4240 - Support OpenSSL 1.1.x API.
• Bug 4262 - SITE CPTO returns 250 even when the copy operation fails due to the user's quota being exceeded.
• Bug 4263 - SITE CPTO terminated by TimeoutIdle.
• Bug 4265 - Omit version information from ServerIdent banner by default.
• Bug 4264 - Support larger fixed DH groups in SSH key exchange.
• Bug 3849 - Allow wildcarded directory names in Include patterns.
• Bug 3662 - Allow SIZE command while in ASCII mode via build-time option.
• Bug 4272 - CapabilitiesEngine directive not honored for <IfUser>/<IfGroup> sections.
• Bug 4267 - NLST should allow for sorted output. The ListOptions directive now supports a SortedNLST flag for such use cases.
• Bug 4260 - Restarting server fails when using password-protected SSL certificates and no TLSPassPhraseProvider.
• Bug 4216 - SSH rekeying causes invalid packet due to interrupting timer.
• Bug 4278 - Memory leak when mod_facl is used.

Many more in NEWS file.

[bdubbs@…]

Fixed at revision 18580.

[bdubbs@…]

Milestone renamed

[bdubbs@…]

Milestone renamed