Update to 1.3.3e
New upstream release 1.3.3e, fixing a large number of bugs:
- Process privileges may not handled properly when --enable-autoshadow is
used (bug 3757)
- mod_sftp closes channel too early after scp download (bug 3544)
- mod_sftp_pam may tell client to disable echoing erroneously (bug 3579)
- mod_sftp behaves badly when receiving badly formed SSH messages (bug 3586,
CVE-2011-1137)
- Using "$shell $libtool" in prxs does not work for all shells (bug 3593)
- WrapAllowMsg directive broken due to bug 3423 (bug 3538)
- SocketOptions receive/send buffer size parameters no longer work (bug 3607)
- mod_wrap2 needs to support netmask rules for IPv6 addresses (bug 3606)
- APPE/STOU upload flags erroneously preserved across upload commands
(bug 3612)
- Malicious module can use sreplace() function to overflow buffer (bug 3614)
- Exiting sessions don't seem to die properly (bug 3619)
- mod_delay sometimes logs "unable to load DelayTable into memory" (bug 3622)
- Plaintext command injection in FTPS support (bug 3624)
- mod_ifsession rules using regular expressions do not work (bug 3625)
- Truncated client name saved in ScoreboardFile (bug 3623)
- %w variable populated with non-absolute path in SQLLog statement (bug 3627)
- Unnecessarily verbose "warning: unable to throttle bandwidth: Interrupted
system call" (bug 3628)
- SSH DISCONNECT messages sent by mod_sftp even for FTP connections in some
cases (bug 3630)
- mod_sql should log "unrecoverable database error" at a higher priority
(bug 3632)
- Proftpd is eating CPU when reparsing configuration file on SIGHUP (bug 3610)
- Incorrect generation of DSA signature for SSH sessions (bug 3634)