Name: | proftpd |
Version: | 1.3.5e |
Release: | 3.el7 |
Architecture: | x86_64 |
Group: | Unspecified |
Size: | 10140305 |
License: | GPLv2+ |
RPM: |
proftpd-1.3.5e-3.el7.x86_64.rpm
|
Source RPM: |
proftpd-1.3.5e-3.el7.src.rpm
|
Build Date: | Sat Nov 04 2017 |
Build Host: | x86-ol7-builder-01.us.oracle.com |
Vendor: | Oracle America |
URL: | http://www.proftpd.org/ |
Summary: | Flexible, stable and highly-configurable FTP server |
Description: | ProFTPD is an enhanced FTP server with a focus toward simplicity, security,
and ease of configuration. It features a very Apache-like configuration
syntax, and a highly customizable server infrastructure, including support for
multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory
visibility.
This package defaults to the standalone behavior of ProFTPD, but all the
needed scripts to have it run by xinetd instead are included. |
-
Wed Sep 20 2017 Paul Howarth <paul@city-fan.org> - 1.3.5e-3
- Add sqlite sub-package with mod_sql_sqlite for SQLite support (#1328321)
-
Wed May 03 2017 Paul Howarth <paul@city-fan.org> - 1.3.5e-2
- AllowChrootSymlinks off could cause login failures depending on filesystem
permissions: use the IDs of the logging-in user to perform the directory
walk, looking for symlinks, to be more consistent with similar checks done
during login (#1443507, upstream bug 4306)
- Crypt::CrackLib always available now
-
Mon Apr 10 2017 Paul Howarth <paul@city-fan.org> - 1.3.5e-1
- Update to 1.3.5e
- SFTP clients using umac-64@openssh.com digest failed to connect
(upstream bug 4287)
- SFTP rekeying failure with ProFTPD 1.3.5d, caused by null pointer
dereference (upstream bug 4288)
- AllowChrootSymlinks off did not check entire DefaultRoot path for symlinks
(CVE-2017-7418, upstream bug 4295)
- Change shellbangs in shipped perl scripts to use system perl
- Drop EL-5 support
- Drop BuildRoot: and Group: tags
- Drop explicit buildroot cleaning in %install section
- Drop explicit %clean section
- /etc/pam.d/password-auth always available now
- pcre 7.0 or later always available now
-
Wed Feb 08 2017 Paul Howarth <paul@city-fan.org> - 1.3.5d-2
- Properly allocate (and clear) the UMAC contexts, to fix segfault in mod_sftp
(#1420365, upstream bug 4287)
-
Mon Jan 16 2017 Paul Howarth <paul@city-fan.org> - 1.3.5d-1
- Update to 1.3.5d
- Support OpenSSL 1.1.x API (upstream bug 4275)
Bug fixes:
- SSH rekey during authentication can cause issues with clients
(upstream bug 4254)
- Recursive SCP uploads of multiple directories not handled properly
(upstream bug 4257)
- LIST returns different results for file, depending on path syntax
(upstream bug 4259)
- "AuthAliasOnly on" in server config breaks anonymous logins
(upstream bug 4255)
- CapabilitiesEngine directive not honored for <IfUser>/<IfGroup> sections
(upstream bug 4272)
- Memory leak when mod_facl is used (upstream bug 4278)
- All FTP logins treated as anonymous logins again (upstream bug 4283,
regression in 1.3.5c of upstream bug 3307)
-
Sat May 21 2016 Paul Howarth <paul@city-fan.org> - 1.3.5b-2
- Handle client/server version skew in mod_sql_mysql
(https://forums.proftpd.org/smf/index.php?topic=11887.0)
- Fix a possible cause of segfaults in mod_sftp (#1337880, upstream bug 4203)
- See if we can fix crash in mod_lang
http://bugs.proftpd.org/show_bug.cgi?id=4206
https://retrace.fedoraproject.org/faf/reports/10744/
- BR: perl-generators for correct dependencies in utils sub-package
- Prefer %global over %define
-
Fri Mar 11 2016 Paul Howarth <paul@city-fan.org> - 1.3.5b-1
- Update to 1.3.5b
- mod_geoip did not load all of the GeoIPTables properly (upstream bug 4187)
- "Incorrect string value" reported by mod_sql_mysql for some UTF8 characters
(upstream bug 4191)
- SSH rekey failed when using RSA hostkey smaller than 2048 bits
(upstream bug 4097)
- MLSD/MLST fact type "cdir" is incorrectly used for the current working
directory (upstream bug 4198)
- HiddenStores temporary files not removed when exceeding quota using SCP
(upstream bug 4201)
- MLSD lines not properly terminated with CRLF (upstream bug 4202)
- Zero-length memory allocation possible, with undefined results
(upstream bug 4209)
- Avoid unbounded SFTP extended attribute key/values (upstream bug 4210)
- Ensure that FTP data transfer commands fail appropriately when
"RootRevoke on" is in effect (upstream bug 4212)
- Handle FTP re-authentication attempts better (upstream bug 4217)
- Permissions on files uploaded via STOU did not honor configured Umask
(upstream bug 4223)
- Support SFTP clients that send multiple INIT requests (upstream bug 4227)
- TLSDHParamFile directive appears ignored because unexpected DH is chosen
(upstream bug 4230)
- Drop unbundled old version of mod_geoip
- Drop upstreamed patches
-
Tue Dec 01 2015 Paul Howarth <paul@city-fan.org> - 1.3.5a-2
- Avoid unbounded SFTP extended attribute key/values
(#1286977, http://bugs.proftpd.org/show_bug.cgi?id=4210)
-
Thu May 28 2015 Paul Howarth <paul@city-fan.org> - 1.3.5a-1
- Update to 1.3.5a
- Fixed "stalled" SSL/TLS handshakes for data transfers
- Fixed handling of SSH keys with overlong Comment headers in mod_sftp_sql
- By default, mod_tls will no longer support SSLv3 connections; in order to
support SSLv3 connections (for sites that need to), you must explicitly
configure this via the TLSProtocol directive, e.g.:
TLSProtocol SSLv3 TLSv1 ...
- The mod_copy module is enabled by default; there may be cases where the
module should be disabled, without requiring a rebuild of the server, thus
mod_copy now supports a CopyEngine directive to enable/disable the module
- The DeleteAbortedStores directive (for Bug#3917) is only enabled when
HiddenStores is in effect, as intended when originally implemented, rather
than all the time
- Many other bug-fixes, see NEWS for details
- Drop upstreamed patches
-
Tue Apr 28 2015 Paul Howarth <paul@city-fan.org> - 1.3.5-5
- Unauthenticated copying of files via SITE CPFR/CPTO was allowed by mod_copy
(CVE-2015-3306, http://bugs.proftpd.org/show_bug.cgi?id=4169)