Update to 1.3.4e
- New upstream release 1.3.4e
- Fixed numerous upstream-reported bugs:
- Spurious log messages at session close (bug 3945)
- LogFormat %f variable not resolved properly for SFTP renames (bug 3947)
- mod_delay allows too-large values, leading to client hang on
authentication (bug 3858)
- Null pointer dereference for mod_ldap logins when LDAPDefaultAuthScheme
not configured (bug 3951)
- scp downloads result in segfault (bug 3954)
- ProFTPD configuration with thousands of <Directory>/<Limit> sections
leads to slow logins (bug 3957)
- mod_sftp does not honor <Directory>/<Limit> sections when symlinks are
involved (bug 3959)
- Directory creation does not honor single-parameter Umask setting
(bug 3958)
- Directory creation fails (chmod(2) EPERM) when root privs are used in
some cases (bug 3962)
- Authentication error on Cygwin due to bad code (bug 3972)
- mod_sftp can be forced to allocate too much memory for
keyboard-interactive authentication (bug 3973, CVE-2013-4359)
- PathDenyFilter directive does not work as expected for SFTP sessions
(bug 3974)
- Improve permission setting when creating directories (bug 3963)
- Null pointer dereference in mod_exec with ExecOption useStdin (bug 3981)
- Support filesystems that do not support chmod(2)/chown(2), e.g. FAT/ExFAT
(bug 3986)
- SSL session caching modules use incorrect OpenSSL cache mode flags,
breaking session caching (bug 3991)
- ProFTPD should not use fd 2 (stderr) for files (bug 3970)
- RSA signature issue when connecting using PuTTY/WinSCP (bug 3992)
- mod_sftp fails key exchange for 8192-bit DH group (bug 4001)
- IgnoreSCPUploadPerms SFTPOption not honored properly for SCP directory
upload (bug 4004)
- RADIUS "service-type" attribute encoded with wrong length on 64-bit
system (bug 4006)
- SCP upload of shorter file does not completely overwrite existing file of
same name (bug 4013)
- "Directory not empty" error when creating directory is misleading
(bug 4022)
- Restarting proftpd with mod_sftp fails due to permissions on SFTPHostKey
file (bug 4032)
- SSH publickey authentication fails with "MaxLoginAttempts 1" (bug 4034)
- ALLO command failed because of bad size check (bug 4046)
- Race condition in mod_ban can lead to segfault of all new connections
(bug 4048)
- MIC command between RNFR and RNTO should not be rejected (bug 4042)
- mod_facl prevents a normal SIGHUP reload (bug 4044)
- Drop patches for issues resolved in new upstream release
- Anonymous upload directory specification needs to be slightly different if
mod_vroot is in use (#1045922)
http://sourceforge.net/p/proftp/mailman/message/31728570/
- Backport some changes from upstream's 1.3.5 release to get the API tests to
build
- Use %license where possible