[ol9_developer_EPEL] proftpd-devel-1.3.8b-1.el9.x86_64

This package is required to build additional modules for ProFTPD.

Changelog (Show File list) (Show related packages)

• Wed Dec 20 2023 Paul Howarth <paul@city-fan.org> - 1.3.8b-1

  - Update to 1.3.8b
    - Compiling ProFTPD 1.3.8a mod_sftp, mod_tls using libressl 3.7.3 failed
      (GH#1735)
    - Build system failed for specific module names (GH#1756)
    - "Terrapin" Prefix Truncation Attacks in SSH Specification affected mod_sftp
      (CVE-2023-48795, GH#1760)

• Mon Oct 09 2023 Paul Howarth <paul@city-fan.org> - 1.3.8a-1

  - Update to 1.3.8a
    - Fix mod_sftp failure to handle SFTP requests to truncate files to zero size
      (GH#1581)
    - Fix mod_sftp improperly handling SFTP WRITE requests for files opened for
      appending (GH#1584)
    - Build-time detection of Linux POSIX ACL support was broken since 1.3.8rc2
      (GH#1568)
    - Fix failure to load mod_rewrite as a dynamic module due to
      incomplete/missing library linker flags (GH#1590)
    - <Class> section is allowed to be in <Global>, but From directive is not
      (GH#1597)
    - ExtendedLog SSH, SFTP classes not working as expected (GH#1617)
    - Fix mod_sftp not handling multiple concurrent open file handles/transfers
      well for logging (GH#1646)
    - "TLSRequired off" plus Protocols directive caused mod_tls to terminate the
      session abruptly (GH#1679)
    - Fix mod_tls failure to compile against OpenSSL 3.0.8 due to missing
      ENGINE_METHOD_ flags (GH#1689)
    - Unknown named connection error when using different SQL backends (GH#1659)
    - Fix mod_sql not properly closing all named backend connections on session
      exit (GH#1697)
    - SSH key exchanges failed unexpectedly with "unable to write X bytes of raw
      data" errors due to small ProFTPD buffer (GH#1694)
    - Fix high session memory usage caused by SFTP outgoing data buffering
      (GH#1678)
    - Out-of-bounds buffer read when handling FTP commands (GH#1683)
    - SFTP algorithm settings in <Global> section were not being used (GH#1712)

• Fri Feb 03 2023 Paul Howarth <paul@city-fan.org> - 1.3.8-4

  - Ensure mod_rewrite is linked against libidn2 so that it loads properly
    (rhbz#2166454, https://github.com/proftpd/proftpd/issues/1590)
  - No longer need to explicitly remove libtool archives from Fedora 36 onwards

• Sat Jan 21 2023 Paul Howarth <paul@city-fan.org> - 1.3.8-3

  - Add PCRE2 support (rhbz#2158885)

• Mon Dec 05 2022 Paul Howarth <paul@city-fan.org> - 1.3.8-1

  - Update to 1.3.8
    - 1.3.8rc4 failed to build mod_sftp with OpenSSL 1.1.0 due to X448 check
      (GH#1488)
    - 1.3.8rc4 failed to build on Solaris due to missing type declarations
      (GH#1494)
    - mod_ifsession doesn't change the effect of SFTPMaxChannels (GH#1500)
    - mod_tls module unexpectedly allows TLS handshake after authentication in
      some configurations (GH#1533)
    - Disable FSCachePolicy by default (GH#1528)
    - Avoid logging "session closed" messages unless there is a corresponding
      "session opened" log message, to avoid user confusion (GH#1539)
    - Implement support for the CSID FTP command (GH#1550)
    - Unable to verify signed data: signature type 'rsa-sha2-512' does not match
      publickey algorithm 'ssh-rsa' (Bug #4491)
    - mod_auth_otp improperly allows keyboard-interactive logins for users
      lacking OTP entries (GH#1560)
  - Update mod_vroot to 0.9.11
    - Addresses a bad interaction with mod_auth_file, and failed login attempts,
      which can lead to inexplicably "stuck" processes that cannot be terminated
      (https://github.com/proftpd/proftpd/issues/1384)
  - Use SPDX-format license tag

• Thu Aug 04 2022 Paul Howarth <paul@city-fan.org> - 1.3.8-0.4.rc4

  - Update mod_vroot to 0.9.10
    - Fix unexpected filtering behaviour with mod_vroot (#2104972, GH#1491)

• Sun Jul 24 2022 Paul Howarth <paul@city-fan.org> - 1.3.8-0.3.rc4

  - Update to 1.3.8rc4
    - mod_sftp should fail on startup when SFTP and TLS are both enabled for a
      vhost (GH#1434)
    - DelayTable not properly using documented default value; this is a
      regression caused by the changes for Bug#4020 (GH#1440)
    - Support customizing SSH ciphers, digests, key exchanges via SFTPClientMatch
      (GH#1444)
    - Ensure that mod_sftp algorithms work properly with OpenSSL 3.x (GH#1448)
    - BanOnEvent BadProtocol triggers segfault (GH#1445)
    - SFTP "check-file" implementation computes incorrect results (GH#1439)
    - Implement SFTPHostKeys directive for configuring the SSH host key
      algorithms (GH#1457)
    - Implement the "curve448-sha512" SSH key exchange algorithm (GH#1437)
    - Include directive broken when using wildcards for directory components
      (GH#1472)
    - mod_sftp fails to build using OpenSSL 1.0.x: undefined reference to
      'EVP_MD_CTX_reset' (Bug #4485)
    - Reload after omitting explicit ModulePath value causes fatal module load
      failures (GH#1476)
  - Drop pcre build dependency since we have been explicitly disabling it for the
    last 5 years anyway
  - Fix X448 support check to fail properly with OpenSSL 1.1.0 (GH#1488)

• Mon Apr 25 2022 Paul Howarth <paul@city-fan.org> - 1.3.8-0.2.rc3

  - Update to 1.3.8rc3
    - Support SSH hostkey rotation via OpenSSH extensions (GH#1323)
    - NLST did not behave consistently for relative paths (GH#1325)
    - Support AES Galois Counter Mode (AES-GCM) in SSH; support for the
      "aes128-gcm@openssh.com" and "aes256-gcm@openssh.com" ciphers has been
      added to mod_sftp (Bug #3759)
    - Implement an LDAPConnectTimeout directive, to configure the timeout used
      when connecting to LDAP servers (GH#1333)
    - Implement OpenSSH "Encrypt-Then-MAC" (ETM) algorithm extensions (GH#1330)
    - Implement AllowForeignAddress class matching for passive data transfers
      (GH#1346)
    - Implement support for PCRE2 (GH#1353)
    - ProFTPD wouldn't start with several locales (Bug #4466)
    - Auth sources providing space-bearing user/group names caused compliance
      issues with MLSD/MLST responses (GH#1367)
    - DeleteAbortedStores removed successfully transferred files unexpectedly
      (Bug #4467)
    - Omit EPRT/EPSV from FEAT response when denied by <Limit> configuration
      (GH#1383)
    - Support uploading to symlinked files (GH#1379)
    - Keepalive socket options should be set using IPPROTO_TCP, not SOL_SOCKET
      (GH#1401)
    - TCP keepalive SocketOptions should apply to control as well as data
      connection (GH#1402)
    - ProFTPD always used the same PassivePorts port for first transfer (GH#1396)
    - mod_sftp needs to handle unknown SSH messages in an RFC-compliant manner,
      ignoring rather than disconnecting (GH#1410)
    - Improve handling of some globally applied configuration directives (GH#1418)
    - Name-based virtual hosts not working as expected after upgrade from 1.3.7a
      to 1.3.7b (GH#1369)

• Mon Dec 20 2021 Paul Howarth <paul@city-fan.org> - 1.3.8-0.1.rc2

  - Update to 1.3.8rc2
    - mod_sftp crashes when handling aes256-ctr OpenSSH-specific key with some
      old OpenSSL versions (Bug #4401)
    - mod_ifsession failed to reset directory config lookup after <Directory>
      section merges (Bug #4315)
    - Support <Limit> configurations for HELP command (GH#1296)
    - Add support for the libidn2 library, over libidn, for e.g. mod_rewrite
      mappings (GH#1286)
    - Changed the default behaviour of mod_tls, such that TLS renegotiations on
      control/data connections are not requested by default - TLS renegotiations
      have a long and sordid history; many SSL/TLS libraries no longer implement
      them, or disable them by default (Bug #4443)
    - mod_auth_otp should honor RequireTableEntry semantics for SFTP logins
      (GH#1319)
  - Build with libidn2 support
  - Drop support for EOL distributions prior to EL-7
    - Always use systemd and assume preset support
    - %{rundir} is always /run
    - Use systemd scriptlet macros from systemd-rpm-macros
    - Always use libmemcached
    - Use %license unconditionally
  - Fix use of deprecated check APIs (GH#1262)