Вышел релиз ProFTPD 1.3.2 в котором исправлено 120 ошибок, среди которых устранена серьезная уязвимость в модулях mod_sql_mysql и mod_sql_postgres, используя которую злоумышленник может осуществить подстановку SQL кода (SQL injection) в системах, поддерживающих многобайтовые кодировки со включенной в конфигурации поддержкой NLS (сборка с --enable-nls). Проблеме не подвержены системы с переменной окружения "LANG" выставленной в 8-битную кодировку.
Некоторые наиболее интересные изменения:
По умолчанию активирована поддержка IPv6, для отключения в proftpd.conf нужно указать "UseIPv6 off";
Добавлен перевод сообщений на русский язык;
Устранены проблемы с установкой кодировки на платформе FreeBSD;
По умолчанию значение настройки TimeoutLinger уменьшено с 180 до 30 секунд, так как у большинства клиентов значение время ожидания ответа сервера равняется 60 сек. и чтобы не натолкнуться на таймаут клиента TimeoutLinger не должен превышать 60 сек.;
Исправлено несколько проблем, связанные с обрывом соединения;
Устранена утечка файловых дескрипторов при ведении лога через syslog;
Добавлена утилита prxs для быстрой сборки и установки сторонних модулей без наличия исходных текстов proftpd;
Опция "-vv" теперь в дополнение к списку статически вкомпилированных модулей, отображает и динамически собранные модули. Только статические модули можно просмотреть при помощи опции "-l";
Новые директивы конфигурации:
AuthPAMOptions - установка дополнительных опций для PAM модулей;
MaxTransferPerHost, MaxTransfersPerUser - задание ограничение на максимальное число одновременных передач данных для заданного хоста или пользователя. TLSVerifyOrder - директива для настройки порядка проверки сертификата в коде поддержки протокола OCSP (Online Certificate Status Protocol) в mod_tls;
TransferPriority - позволяет изменить приоритет выполнения процесса;
UseEncoding - в модуле mod_lang добавлена возможность использования кодировки отличной от UTF8 для управляющих соединений;
Прекращена поддержка директив AnonymousGroup и UseUTF8;
Новые модули и скрипты в архиве дополнительных компонент (contrib):
Модуль mod_unique_id для генерации в переменной окружения UNIQUE_ID уникального идентификатора для каждой FTP сессий. Для генерации идентификатора используется IP хоста и клиента, pid-процесса и текущее время;
Модуль mod_sql_odbc для соединения с СУБД через ODBC драйверы;
Модуль mod_dynmasq для автоматического определения и назначения IP через сервисы динамической привязки имен.
mod_sql_sqlite - модуль для хранения аккаутов в SQLite базе;
Скрипт ftpmail отправляющий по почте уведомления о завершении загрузки;
Новые модули из базовой поставки:
Модуль mod_facts с реализацией команд MLSD и MLST, определенных в RFC3659. Поддержка модуля активируется по умолчанию; Поддержка протокола идентификации описанного в RFC1413 вынесена из основного кода и реализована в виде модуля mod_ident.
1.3.2a - Released 30-Jun-2009 ------- - Bug 3121 - Use PQescapeStringConn() rather than PQescapeString(). - Bug 3176 - Postgres chokes on standard charset names. - Bug 3179 - Restarted proftpd using mod_shaper will segfault. - Bug 3188 - prxs broken due to typo. - Bug 3183 - Incorrect logging to wtmp. - Bug 3184 - When started in a chroot, proftpd fails to set transfer buffer size. - Bug 3190 - MLSD/MLST do not honor configurations. - Bug 3196 - mod_quotatab does not honor last group in supplemental group list. - Bug 3203 - Missing SQL backend modules can lead to null pointer segfault in mod_sql. - Bug 3215 - mod_wrap2_sql should support comma-delimited lists of clients. This is the same as Bug#3048, only it affects the mod_wrap2_sql module. - Bug 3221 - Command line defines (-D/--define) are lost on SIGHUP. - Bug 3234 - SSL connections can cause 100% CPU usage. - Added French, Bulgarian, and Korean translations. - Bug 3256 - "SO_OOBINLINE" error occuring again. This is a regression of Bug#2332 caused by code movement in 1.3.2. - Bug 3258 - Log cluttered with "using sendfile capability" messages. - Bug 3261 - Badly formatted TLSRenegotiate directive causes proftpd to hang. - Bug 3257 - CAP_AUDIT_WRITE capability needed for some PAM modules. Downloads (~2,4 Mb)_ftp://ftp.proftpd.or...1.3.2a.tar.bz2
ЭЖД, 21.10.2009 - 17:06
proftpd 1.3.2b
- Bug 3221 - Fixed regression causing command-line -D/--define options not to work. - Bug 3275 - Improper SSL/TLS certificate subjectAltName verification. - Bug 3282 - With "SQLNegativeCache on", mod_sql will look up wrong cached user value for subsequent USER commands. - Bug 3284 - Slower transfers of multiple small file transfers after upgrade from 1.3.0a to 1.3.2a. - Bug 3287 - MaxTransfersPerHost, MaxTransfersPerUser directives not supported properly. - Bug 3297 - Symlinks to directories which end in trailing slashes may not be handled properly. Downloads (~2,4 Mb)_ftp://ftp.proftpd.or...1.3.2b.tar.bz2
ЭЖД, 12.12.2009 - 17:16
proftpd 1.3.2c
1.3.2c ------- - Bug 3324 - Vulnerability in SSL/TLS protocol during renegotiation (CVE-2009-3555). - Bug 3328 - Failed database transaction can cause mod_quotatab to loop endlessly. - Bug 3332 - Segfault in mod_wrap when TCPAccessFiles do not exist and client sends USER for account which does not exist. - Bug 3337 - sections with a trailing directory name of one character have problems. This is a regression caused by Bug#3146. - Bug 3341 - mod_wrap2 segfaults when a valid user retries the USER command. - Bug 3350 - Segfault caused by scrubbing zero-length portion of memory. - Bug 3347 - mod_auth_file handles 'getgroups' request incorrectly. - Bug 3351 - Nonchrooted logins on HPUX do not get proper UID/GID. Downloads (~2,5 Mb)_ftp://ftp.proftpd.or...1.3.2c.tar.bz2
ЭЖД, 13.02.2010 - 21:51
proftpd 1.3.2d
1.3.2d - Released 12-Feb-2010 ------- - Bug 3358 - mod_tls doesn't compile with pre-0.9.7 openssl. - Bug 3370 - Lack of PID protection in ScoreboardFile. - Bug 3372 - ProFTPD crashes when retrying a failed login with mod_radius being used. - Bug 3381 - RADIUS authentication broken on 64-bit platforms. - Bug 3387 - SIGHUP will eventually cause certain modules (as DSO modules) to segfault. Downloads (~2,5 Mb)_ftp://ftp.proftpd.or...1.3.2d.tar.bz2
ЭЖД, 25.02.2010 - 18:34
proftpd 1.3.3
» ChageLog «
- Bug 3389 - Cannot create mod_ban whitelists using and sections. - Bug 3397 - HideFiles none does not work properly on a per-user basis. - Bug 3355 - mod_ban should support BanEngine in config sections. - Bug 3358 - mod_tls doesn't compile with pre-0.9.7 openssl. - Bug 3357 - mod_sftp fails to compile on AIX. - Bug 3356 - Build timestamp using date(1) can fail depending on environment. - Bug 3359 - mod_tls_shmcache segfaults during syntax check. - Bug 3362 - Regression in handling of MaxLoginAttempts in 1.3.3rc1. - Bug 3370 - Lack of PID protection in ScoreboardFile. - Bug 3372 - ProFTPD crashes when retrying a failed login with mod_radius being used. - Bug 3375 - Minor SIGHUP-based memory leak in mod_tls. - Bug 3376 - Handle the full RFC4716 formatted keys in SQL values. - Bug 3377 - mod_wrap2 attempts to resolve 'ALL' keyword as an IP address. - Bug 3383 - ExtendedLog variables for protocol and version not handled properly. - Bug 3381 - RADIUS authentication broken on 64-bit platforms. - Bug 3380 - Support user-specific salts in encoded passwords. - Bug 3385 - Memory leak during SCP download. - Bug 3386 - Downloading via SCP can stall due to rekeying. - Bug 3387 - SIGHUP will eventually cause certain modules (as DSO modules) to segfault. - Bug 3303 - FileZilla reports "Server did not properly shut down TLS connection" after TimeoutIdle triggered. - Bug 3305 - Emulate Solaris 10 syslog "header" on Solaris 10 servers. - Bug 3307 - All FTP logins treated as anonymous logins. - Bug 3312 - Uploading via SFTP/SCP to FIFO whose reader is closed causes session to hang. - Bug 3313 - Uploading via SFTP to FIFOs fails due to illegal lseek(2), truncate(2) calls. - Bug 3314 - Downloading from FIFOs via SFTP/SCP fails. - Bug 3315 - Support the %u variable in SFTPAuthorizedUserKeys paths. - Bug 3316 - Messages from PAM modules are ignored when authenticating SSH clients via 'keyboard-interactive'. - Bug 3317 - mod_wrap/libwrap should honor SyslogFacility setting. - Bug 3311 - configure script should automatically detect when -ldl is needed by OpenSSL. - Bug 3324 - Vulnerability in SSL/TLS protocol during renegotiation (CVE-2009-3555). - Bug 3327 - Clear external SSL session caches on server restart/shutdown. - Bug 3326 - Shared memory segment used for session cache should be protected via mlock(2). - Bug 3322 - Support the "version-select" SFTP extension. - Bug 3321 - Support the "check-file-name" and "check-file-handle" SFTP extensions. - Bug 3320 - Support the "copy-file" SFTP extension. - Bug 3328 - Failed database transaction can cause mod_quotatab to loop endlessly. - Bug 3307 - Transparently handle the X-variant commands when checking permissions. The fix for this issue has been reimplemented to be more transparent; some existing configurations were broken by the previous implementation. - Bug 3329 - Support the "vendor-id" SFTP extension. - Bug 3332 - Segfault in mod_wrap when TCPAccessFiles do not exist and client sends USER for account which does not exist. - Bug 3333 - mod_sql_mysql should support calling stored procedures better. - Bug 3337 - sections with a trailing directory name of one character have problems. This is regression caused by Bug#3146. - Bug 3331 - Update bundled libtool to 2.2.4. - Bug 3341 - mod_wrap2 segfaults when a valid user retries the USER command. - Bug 3342 - FEAT response contains LF without preceding CR. - Bug 3306 - ECONNREFUSED while handling SIGHUP. - Bug 3345 - mod_sftp returns EACCES rather than ENOENT for an OPEN request for a nonexistent file. - Bug 3344 - Support SHA256, SHA512 passwords in databases. - Bug 3348 - Rewriting of home directories via RewriteHome does not work for chrooted sessions. - Bug 3349 - SSL_SESSION_cmp not available in OpenSSL 1.0.0 betas. - Bug 3350 - Segfault caused by scrubbing zero-length portion of memory. - Bug 3347 - mod_auth_file handles 'getgroups' request incorrectly. - Bug 3351 - Nonchrooted logins on HPUX do not get proper UID/GID. - Bug 3352 - mod_sftp does not reject/close connections that have been rejected by mod_wrap. - Bug 3263 - Supplying option SFTPRekey timeout parameter causes segmentation fault. - Bug 3265 - SFTP requests are logged to ExtendedLog without regard to classes. - Bug 2758 - ProFTPD doesn't always pay attention to AccessDenyMsg. - Bug 3266 - Support "implicit" FTPS. - Bug 2070 - AuthAliasOnly off in section kills anonymous logins. - Bug 3268 - Files whose names start with whitespace are not listed properly. - Bug 1908 - ExtendedLog to work properly in context. - Bug 3269 - RewriteCondition OR/ornext flag does not work. - Bug 3254 - NLST/LIST and symbolic link problem. - Bug 3272 - Avoid encoding if to/from charsets are the same. - Bug 3274 - Timestamp formatting in TransferLog needs padded day-of-month. - Bug 3270 - Lost connections to databases not correctly handled. This also adds support for a new "noReconnect" SQLOption. - Bug 3275 - Improper SSL/TLS certificate subjectAltName verification. - Bug 3252 - %F/%f Display variables can report wrong size on 64-bit systems. - Bug 3278 - Aborted data transfers not reflected in RADIUS accounting. - Bug 3282 - With "SQLNegativeCache on", mod_sql will look up wrong cached user value for subsequent USER commands. - Bug 3284 - Slower transfers of multiple small file transfers after upgrade from 1.3.0a to 1.3.2a. - Bug 3279 - .ftpaccess configurations not merged properly with existing configuration. - Bug 3287 - MaxTransfersPerHost, MaxTransfersPerUser directives not supported properly. - Bug 2013 - Track RFC2228 sessions in scoreboard. The scoreboard entry format now has a 'protocol' field, for tracking 'ftp' and 'ftps'. - Bug 3286 - Client command field in scoreboard entry too short for SSH2/SFTP commands. - Bug 3229 - LangDefault does not accept any setting on FreeBSD. - Bug 2368 - Allow contrib modules to extend mod_sql's SQLAuthTypes. This also includes a new mod_sql_passwd contrib module which can handle hex- and base64-encoded MD5 and SHA1 passwords, without the leading "{digest}" prefix required by the mod_sql OpenSSL SQLAuthType. - Bug 3292 - "Incorrect MAC received on packet" error using AES CTR ciphers. - Bug 3293 - SFTPCipher arcfour256 does not work properly. - Bug 3294 - Support configurable HiddenStores prefixes. - Bug 3295 - proftpd segfaults when STAT is used with ListOptions "-1". - Bug 3296 - mod_quotatab should reject an upload via APPE if the quota is already exceeded. - Bug 3297 - Symlinks to directories which end in trailing slashes may not be handled properly. - Bug 3298 - QuotaExcludeFilter directive ignored by mod_quotatab. - Bug 3290 - Change default mod_sql connection policy to open database connection on first use. - Bug 3281 - TimeoutLogin not handled properly by mod_ban. - Bug 3213 - Use locale-sensitive libncursesw library for ftptop where available. - Bug 3214 - ftpwho/ftptop truncate UTF8 strings due to byte, versus character, lengths. - Bug 3300 - Support disabling use of S_RLOGIN when calling AIX loginrestrictions(). A new AuthUnixOptions directive is added to support just this one setting, 'aixNoRLogin'. - Bug 1801 - Faulty SQLConnectInfo PERCALL policy - connections not closed after each call. - Bug 2894 - Deprecate the AnonymousGroup directive. - Bug 3123 - Use PQescapeStringConn() rather than PQescapeString(). - Bug 3133 - mod_facts should advertise TVFS support in the FEAT response. - Bug 3128 - mod_sql_sqlite should use transactions for INSERT/UPDATE statements. - Bug 3155 - Change the IdentLookups default to 'off'. The RFC1413 IDENT lookup adds latency to the login process, so much so that it is a FAQ to configure "IdentLookups off". In addition, the IDENT protocol is not secure; it can easily be spoofed using man-in-the-middle attacks. Sites that require IDENT lookups must now explicitly configure "IdentLookups on". - Bug 3156 - Allow resumed downloads when HiddenStore is in effect. - Bug 3170 - RewriteMap unescape URL encoding broken by RewriteCondition backreference handling. - Bug 2728 - Support for variables in ServerIdent directive. The %L, %V, and %v variables are now supported for ServerIdent identity strings. - Bug 3178 - mod_wrap2 does not handle IPv4-mapped IPv6 addresses. - Bug 3179 - Restarted proftpd using mod_shaper will segfault. - Bug 2720 - HideUser/HideGroup should be more flexible. - Bug 3183 - Incorrect logging to wtmp. - Bug 2608 - DNS should not be used for "server config" address discovery. A new -S command-line option has been added, for specifying the IP address to use for the host, rather than using DNS to resolve the host IP address from the hostname. - Bug 3184 - When started in a chroot, proftpd fails to set transfer buffer size. - Added mod_sftp, mod_sftp_pam, and mod_sftp_sql to the contrib modules. - Bug 3185 - mod_wrap2 does not honour partial DNS name in access files. This appears to have been a regression caused by the fix for Bug#3178. - Bug 3186 - Support use of directive with mod_ban. The BanEngine directive can now appear in an section, in order to exclude connection classes from mod_ban's rules. - Bug 3188 - prxs broken due to typo. - Bug 3154 - Update bundled libtool version. The bundled libltdl version has been updated to libtool 1.5.26. - Bug 3111 - Support SSL/TLS server certificates stored in PKCS#12 files. - Bug 3189 - Linker errors occur when using "make -j" parallel builds. ProFTPD now builds successfully using "make -jN", where N is the number of simultaneous build processes to use. - Bug 3176 - Postgres chokes on standard charset names. - Bug 3129 - Support configurable scoreboard scrubbing. A new configuration directive, ScoreboardScrub, can be used to control whether the ScoreboardFile is scrubbed, and how often. - Bug 3190 - MLSD/MLST do not honor configurations. - Bug 3196 - mod_quotatab does not honor last group in supplemental group list. - Bug 3203 - Missing SQL backend modules can lead to null pointer segfault in mod_sql. - Bug 3204 - Better support for installation and libs in prxs. The prxs tool now handles the $Libraries$ build system hints in source files, and honors the DESTDIR environment variable. - Bug 3167 - Support rewriting of home directories. - Bug 2985 - Newest .spec file requires relatively current version of RPM. The provided .spec file now requires RPM 4.2 or later. - Bug 3207 - Support for SSL/TLS session caching across processes/machines. The mod_tls module now supports a TLSSessionCache directive, and an API for modules to provide external SSL session caching mechanisms. - Bug 3210 - Data transfers protected by SSL/TLS should reuse the control connection SSL session. If the TLSRequired policy allows/requires SSL/TLS protections on data tranfers, then reuse of the SSL session from the control connection is now enforced. Use "TLSOptions NoSessionReuseRequired" to relax this requirement. - Bug 3215 - mod_wrap2_sql should support comma-delimited lists of clients. This is the same as Bug#3048, only it affects the mod_wrap2_sql module. - Bug 2613 - Configure script should not append '/proftpd' to the --localstatedir. - Bug 2680 - Add support for . - Bug 3187 - Inconsistent mod_ban logging and display when using "BanEngine off" in an configuration. - Bug 3219 - Support environment variable substitutions in mod_rewrite rules. RewriteCondition and RewriteRules can now contain "%{ENV:var}" style strings for environment variable substitution. - Bug 3221 - Command line defines (-D/--define) are lost on SIGHUP. - Bug 3028 - Unable to escape special characters in RewriteRule substitution string. - Bug 3161 - Updating tallies for deleted files should occur based on file ownership. - Bug 2067 - Allow/Deny Filters should be supported in the context. - Bug 2434 - Buggy interaction between custom SQLUserInfo and 'userset' SQLAuthenticate parameter. See the SQLUserInfo description for more details. - Bug 3226 - HideFiles directive not working properly in sections. - Bug 3231 - Use getgrset(3) on AIX to emulate getgrouplist(3). - Bug 3043 - SQLGroupInfo should allow custom queries. See the SQLGroupInfo description for more information. - Bug 2178 - Extend TLSRequired for and .ftpaccess contexts. - Bug 3209 - mod_wrap2 should support the 'spawn' feature (or equivalent) of tcpwrappers. Using mod_wrap/mod_wrap2 in conjunction with the mod_exec module, this is now possible. - Bug 3225 - Opening of files during restart can inappropriately use stdin/stdout/stderr descriptors, leading to bad behavior. The "bad behavior" can manifest as server shutdown (due to mod_tls errors), "Bad file descriptor" log messages, etc. - Bug 3234 - SSL connections can cause 100% CPU usage. - Bug 3233 - Dynamic config causes many copies of static configs to be merged. - Bug 3086 - mod_quotatab write locking is ineffective. - Bug 3029 - Support a RewriteCondition variable for renames. - Bug 3230 - Differentiate among protocol connections in DelayTable. - Bug 3032 - CR character allowed in filename but not shown. - Bug 3237 - "error setting IPV6_V6ONLY: Protocol not available" message filling up log file. - Added mod_shaper, mod_exec to the contrib modules. - Bug 3249 - mod_ban support for TimeoutLogin. - Bug 3253 - Support for %S variable in SQL queries. - Bug 3247 - "TLSRequired auth" and "TLSOptions AllowPerUser" are incompatible. - Bug 3256 - "SO_OOBINLINE" error occuring again. This is a regression of Bug#2332 caused by code movement in 1.3.2. - Bug 3258 - Log cluttered with "using sendfile capability" messages. - Bug 3261 - Badly formatted TLSRenegotiate directive causes proftpd to hang. - Bug 3257 - CAP_AUDIT_WRITE capability needed for some PAM modules. - Bug 3243 - Broken support for AllowOverride per user/group/class conditionals. The user/group/class conditional arguments to the AllowOverride directive were not properly honored. The fix for this is to remove all support in the AllowOverride directive, and instead use mod_ifsession for conditionals.
1.3.3a - Released 01-Jul-2010 ------- - Bug 3400 - Add Japanese translation. - Bug 3401 - mod_sftp does not compile with pre-0.9.7 OpenSSL. - Bug 3402 - mod_tls does not compile with pre-0.9.7 OpenSSL due to Bug#3349. - Bug 3403 - File upload followed by MLSD leads to wrong file size entries in TransferLog. - Bug 3405 - Multiple SFTPAuthorizedUserKeys stores causes segfault on 64-bit platforms. - Bug 3354 - Renaming a file across mount points to a full disk does not fail as expected. - Bug 3408 - Use instead of where possible. - Bug 3412 - Include files not included after restart due to permissions. - Bug 3409 - Build failure on newer FreeBSD due to utmp/utmpx system changes. - Bug 3417 - Unsafe use of pointer when scanning config for ScoreboardFile. - Bug 3418 - %U sometimes showing up as "(none)" in ExtendedLog. - Bug 3421 - RewriteHome does not work properly for SFTP connections. - Bug 3419 - SSL_shutdown() errors with openssl-0.9.8m. - Bug 3423 - Last line of multiline DisplayLogin file improperly handled. - Bug 3426 - mod_sftp does not log to TransferLog by default. - Bug 3425 - Improperly constructed destination paths for SCP uploads. - Bug 3427 - mod_sftp does not handle recursive SCP uploads properly. - Bug 3432 - ExecBeforeCommand does not interpolate the %F/%f variables properly. - Bug 3434 - TraceLog contains messages even with "Trace DEFAULT:0" configured. - Bug 3435 - Encoding/decoding conversion can cause CPU spike. - Bug 3436 - Support build-time option to disable use of nonblocking open of log files. Use --disable-nonblocking-log-open to get the pre-1.3.3 behavior of opening log files. - Bug 3437 - UseImplicitSSL TLSOption causes PBSZ/PROT commands to fail. - Bug 3439 - Encoding fails if an NLS-enabled proftpd starts in a UTF8 locale. - Bug 3446 - .ftpaccess ignored in some cases. - Bug 3447 - mod_sftp can become confused during large recursive SCP uploads. - Bug 3448 - Ensure that STAT/LSTAT/FSTAT SFTP requests do not use cached/stale data. - Bug 3449 - mod_sftp does not properly handle the O_TRUNC flag in a SFTP OPEN request. - Bug 3450 - mod_sftp does not properly handle the O_APPEND flag in a SFTP OPEN request. - Bug 3451 - WinSCP can't upload files using protocol version 5 with mod_sftp. - Bug 3452 - mod_sftp does not advertise its supported SFTP extensions for protocol version 5. - Bug 3454 - msgfmt(1) options used for generating NLS files are not compatible with Solaris' msgfmt. - Bug 3456 - Problem attempting to recursively download a directory via SCP. - Bug 3458 - mod_sftp incorrectly performs OpenSSL cleanup. - Bug 3459 - mod_radius segfaults during incorrect login due to stale data. - Bug 3460 - REALPATH SFTP request can cause improperly cached directory configuration. - Bug 3462 - ftpasswd script's --delete-user option does not work. - Bug 3463 - ftpasswd script's --delete-group option does not work. - Bug 3465 - SIGSEGV at LIST after CCC. - Bug 3470 - Deferred resolution paths not handled properly by mod_sftp. - Bug 3469 - ExtendedLog's %f variable not properly expanded for DELE if path begins with tilde ('~'). - Bug 3467 - mod_ifsession does not merge blocks properly. - Bug 3471 - Null values in allow/deny rules causes mod_wrap2 to segfault. - Bug 3472 - mod_sftp publickey authentication fails for large keys. - Bug 3424 - Bad LDAP lookup can cause mod_ldap segfault under some conditions. - Bug 3476 - LIST/NLST of path starting with "-" fails. - Bug 3475 - Add new 'noGetgrouplist' AuthUnixOption to work around buggy libc code. - Bug 3474 - Using SQLite database and SQLLog directive can lead to problems under load. Downloads (~4,0 Mb)_ftp://ftp.proftpd.or...1.3.3a.tar.bz2
ЭЖД, 20.09.2010 - 18:03
proftpd 1.3.3b
+ Fixed SFTP directory listing bug + Avoid corrupting utmpx databases on FreeBSD + Avoid null pointer dereferences during data transfers + Fixed "AuthAliasOnly on" anonymous logins Downloads (~4,0 Mb)_ftp://ftp.proftpd.or...1.3.3b.tar.bz2
ЭЖД, 30.10.2010 - 16:51
proftpd 1.3.3c
- Bug 3511 - SQLAuthType Backend not properly rejected by mod_sql_sqlite. - Bug 3513 - EPERM error logged unnecessarily for SFTP logins on Linux. - Bug 3517 - mod_quotatab decrements file tally improperly for failed DELE commands. - Bug 3518 - Support SiteMiscEngine directive, for disabling mod_site_misc functionality via proftpd.conf. - Bug 3519 - Inappropriate directory traversal allowed by mod_site_misc. - Bug 3521 - Telnet IAC processing stack overflow. Downloads (~4,1 Mb)_ftp://ftp.proftpd.or...1.3.3c.tar.bz2
ЭЖД, 23.12.2010 - 20:28
proftpd 1.3.3d
1.3.3d - Released 17-Dec-2010 ------- - Bug 3522 - Error when handling SSH DISCONNECT messages with no language tag. - Bug 3525 - Default syslog logging causes logging to the wrong syslog facilities. - Bug 3528 - ExtendedLog %s variable not expanded properly for successful PASS commands. - Bug 3529 - "LIST /*" now lists more than the expected directory. - Bug 3526 - CPU usage at 100% when checking HideFiles pattern. Credit goes to Thomas Shinnick for providing the fix for this; it addresses a more general problem of high memory and CPU consumption when proftpd searches for .ftpaccess files. - Bug 3530 - Conflicting interactions among HideUser, HideGroup, and HideNoAccess directives. - Bug 3536 - mod_sql has insufficient bounds checking in sql_prepare_where() function. - Bug 3547 - Multiple AllowClass directives not handled properly. - Bug 3548 - Null pointer segfault in mod_sftp when handling aborted connection. - Bug 3551 - SQLAuthType Crypt implementation needs to handle NULL return value from crypt(3). - Bug 3550 - SFTP compressed uploads can cause corrupted uploaded files. - Bug 3560 - ExtendedLog shows incorrect byte size for first file downloaded via SFTP in some cases. Download (~4,0 Mb)_ftp://ftp.proftpd.or...1.3.3d.tar.bz2
Proftpd 1.3.0