Changelog for
proftpd-utils-1.3.8c-1.el9.x86_64.rpm :
* Thu Dec 12 2024 Paul Howarth
- 1.3.8c-1- Update to 1.3.8c - Using FTPS after upgrading from 1.3.8a to 1.3.8b lead to crash (GH#1770) - Bad handling of lack of extended attributes lead to SFTP out of memory error (GH#1785) - mod_sftp_sql logged \"header value too long\" due to unexpected key header text (GH#1529) - SSH ECDSA host key algorithms were not used as expected despite configuring appropriate key (GH#1839) - RADIUS Message-Authenticator verification failed with ProFTPD mod_radius (GH#1840) - Supplemental group inheritance granted unintended access to GID 0 due to lack of supplemental groups from mod_sql (GH#1830)
* Tue Nov 19 2024 Paul Howarth - 1.3.8b-4- Fix RADIUS Message-Authenticator verification in mod_radius - https://github.com/proftpd/proftpd/issues/1840 - https://bugzilla.redhat.com/show_bug.cgi?id=2325448
* Sun Mar 31 2024 Paul Howarth - 1.3.8b-3- Add \'proxy\' sub-package with unbundled mod_proxy (rhbz#2272051)- Update fsio.c: if mkdir fails with EEXIST, also clear the cache (GH#1677)
* Mon Jan 01 2024 Paul Howarth - 1.3.8b-2- Use libsodium to provide ed25519 key support for mod_sftp (#2256340)- Update logrotate snippet to use try-reload-or-restart rather than reload for distributions with systemd 229 or later (PR#3)
* Wed Dec 20 2023 Paul Howarth - 1.3.8b-1- Update to 1.3.8b - Compiling ProFTPD 1.3.8a mod_sftp, mod_tls using libressl 3.7.3 failed (GH#1735) - Build system failed for specific module names (GH#1756) - \"Terrapin\" Prefix Truncation Attacks in SSH Specification affected mod_sftp (CVE-2023-48795, GH#1760)
* Mon Oct 09 2023 Paul Howarth - 1.3.8a-1- Update to 1.3.8a - Fix mod_sftp failure to handle SFTP requests to truncate files to zero size (GH#1581) - Fix mod_sftp improperly handling SFTP WRITE requests for files opened for appending (GH#1584) - Build-time detection of Linux POSIX ACL support was broken since 1.3.8rc2 (GH#1568) - Fix failure to load mod_rewrite as a dynamic module due to incomplete/missing library linker flags (GH#1590) - section is allowed to be in , but From directive is not (GH#1597) - ExtendedLog SSH, SFTP classes not working as expected (GH#1617) - Fix mod_sftp not handling multiple concurrent open file handles/transfers well for logging (GH#1646) - \"TLSRequired off\" plus Protocols directive caused mod_tls to terminate the session abruptly (GH#1679) - Fix mod_tls failure to compile against OpenSSL 3.0.8 due to missing ENGINE_METHOD_ flags (GH#1689) - Unknown named connection error when using different SQL backends (GH#1659) - Fix mod_sql not properly closing all named backend connections on session exit (GH#1697) - SSH key exchanges failed unexpectedly with \"unable to write X bytes of raw data\" errors due to small ProFTPD buffer (GH#1694) - Fix high session memory usage caused by SFTP outgoing data buffering (GH#1678) - Out-of-bounds buffer read when handling FTP commands (GH#1683, CVE-2023-51713) - SFTP algorithm settings in section were not being used (GH#1712)
* Fri Feb 03 2023 Paul Howarth - 1.3.8-4- Ensure mod_rewrite is linked against libidn2 so that it loads properly (rhbz#2166454, https://github.com/proftpd/proftpd/issues/1590)- No longer need to explicitly remove libtool archives from Fedora 36 onwards
* Sat Jan 21 2023 Paul Howarth - 1.3.8-3- Add PCRE2 support (rhbz#2158885)