Bug#992920: proftpd-mod-crypto: sftp connection aborts with "Corrupted MAC on input"
Package: proftpd-mod-crypto Version: 1.3.7a+dfsg-12 Severity: important Dear Maintainer, Since upgrading to bullseye, proftpd's sftp server fails with some MAC algorithms. This works: sftp -o MACs=hmac-sha2-256 user@proftpd-server This fails: sftp -o MACs=umac...@openssh.com user@proftpd-server The failure manifests as an aborted connection after a few KB of data traffic. The debian CLI sftp client will display the message: Corrupted MAC on input. ssh_dispatch_run_fatal: Connection to x.x.x.x port 22: message authentication code incorrect This means that some clients can no longer constructively use the server with their standard options. -- System Information: Debian Release: 11.0 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-8-amd64 (SMP w/1 CPU thread) Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages proftpd-mod-crypto depends on: ii libc6 2.31-13 ii libpam0g 1.4.0-9 ii libsodium23 1.0.18-1 ii libssl1.1 1.1.1k-1+deb11u1 ii proftpd-core 1.3.7a+dfsg-12 ii zlib1g1:1.2.11.dfsg-2 proftpd-mod-crypto recommends no packages. proftpd-mod-crypto suggests no packages. -- no debconf information
Bug#921346: rssh update removes setuid flag from /usr/lib/rssh/rssh_chroot_helper
Package: rssh Version: 2.3.4-4+deb8u1 Applied the update yesterday. It removed +s from /usr/lib/rssh/rssh_chroot_helper which broke chroot functionality. In the log we started getting these messages when an inbound connection was attempted: Feb 4 13:38:08 wdc-aa-04 rssh_chroot_helper[12309]: new session for backup- dev01, UID=758Feb 4 13:38:08 wdc-aa-04 rssh_chroot_helper[12309]: chroot() failed, 5: Operation not permitted This command resolved it: chmod +s /usr/lib/rssh/rssh_chroot_helper
Bug#536824: joe: Joe misbehaves when installed as default editor
Package: joe Version: 3.5-2 Severity: normal Bug 269334 seems to be back. On my etch systems, with 3.5.1-1, using update-alternatives to set the editor to jpico works correctly. On my lenny systems, with 3.5-2, it does not; /etc/alternatives/editorrc continues to point to /etc/joe/joerc, so the editor runs with the joe persona instead of as jpico. Manually correcting the link solves the problem. -- System Information: Debian Release: 5.0.2 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-xen-amd64 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages joe depends on: ii libc6 2.7-18 GNU C Library: Shared libraries ii libncurses5 5.7+20081213-1 shared libraries for terminal hand joe recommends no packages. joe suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
