#13165: proftpd-1.3.6c
-------------------------+-----------------------
Reporter: bdubbs | Owner: bdubbs
Type: enhancement | Status: assigned
Priority: normal | Milestone: 9.1
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+-----------------------
Comment (by bdubbs):
1.3.6c
- Issue 810 - mod_tls does not compile with LibreSSL 2.9.x.
- Issue 750 - MaxClientsPerUser not enforced for SFTP logins when
mod_digest
enabled.
- Issue 793 - mod_sftp does not support OpenSSH-specific private key
format.
Now mod_sftp detects such keys, and logs a hint about reformatting them
to a supported format.
- Issue 863 - Directory listing is slower compared to previous ProFTPD
versions.
- Issue 866 - mod_sftp crashes when using pubkey-auth with DSA keys.
- Issue 859 - Improper handling of TLS CRL lookups.
- Issue 870 - Leaking PAM handler and data in case of unsuccessful
authentication.
- Bug 4385 - SSH authentication fails for many clients due to receiving of
SSH_MSG_IGNORE packet.
- Issue 890 - SFTP publickey authentication fails unexpectedly when user
has
no shadow password info.
- Issue 898 - ftpasswd fails to restore password file permissions in some
cases.
- Issue 903 - Use-after-free vulnerability in memory pools during data
transfer.
- Issue 902 - Out-of-bounds read in mod_cap getstateflags() function.
This
has been addressed by updating the bundled version of libcap.
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/13165#comment:2>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
