| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: proftpd-proxy | Distribution: Fedora Project |
| Version: 1.3.9a | Vendor: Fedora Project |
| Release: 1.el10_3 | Build date: Thu Apr 30 14:04:51 2026 |
| Group: Unspecified | Build host: buildvm-ppc64le-20.rdu3.fedoraproject.org |
| Size: 800749 | Source RPM: proftpd-1.3.9a-1.el10_3.src.rpm |
| Packager: Fedora Project | |
| Url: http://www.proftpd.org/ | |
| Summary: Module to add proxying support to the ProFTPD FTP server | |
Module to add proxying support to the ProFTPD FTP server.
GPL-2.0-or-later
* Thu Apr 30 2026 Paul Howarth <paul@city-fan.org> - 1.3.9a-1
- Update to 1.3.9a
- SCP transfers failed for files with spaces in their names (GH#1886)
- LDAPDefaultGID ignored since 1.3.9 (GH#1898)
- Compilation of mod_wrap2 failed when the --enable-wrapper-options configure
option was used (Bug #4512)
- mod_sftp failed to parse authorized user/host public keys with CRLF line
endings (GH#1904)
- Uploads using MODE Z sometimes resulted in corrupted files or broken
transfers (GH#1896)
- Remove usage of the deprecated MySQL_OPT_RECONNECT option for newer MySQL
versions (GH#1911)
- Update usage of MySQL API for SSL/TLS connections to server (GH#340)
- mod_sftp leaked file descriptor when reading SFTPHostKey file (GH#1959)
- Large/slow SCP downloads could be unnecessarily truncated by TimeoutStalled
(GH#1964)
- Handling of CRLs in mod_tls was incorrect, leading to confusing errors
(GH#1960)
- Resumed SSL_SESSION management in mod_tls lead to memory growth, infinite
loop using newer OpenSSL versions (GH#1963)
- mod_quotatab_ldap interactions could lead to segfault due to stale pointer
(GH#1984)
- RNTO before authentication lead to out-of-order response codes (GH#2003)
- MaxLoginAttemptsFromUser event never triggered in mod_ban for SFTP sessions
(GH#2009)
- Using toupper(3) on non-ASCII FTP command bytes might cause remote DoS
(GH#2019)
- Out-of-bounds single byte read when FTP command input buffer starts with LF
(GH#2020)
- FTP command LIST/NLST -B could cause buffer overflow when listing certain
crafted filenames (GH#2030)
- Memory exhaustion with mod_log_forensic when downloading very large files
via SFTP (GH#2043)
- Setting process groups during authentication crashed when using mod_radius
and <IfGroup> (GH#2046)
- SQL injection possible via mod_sql because of is_escaped_text() logic error
(GH#2052, CVE-2026-42167)
* Wed Mar 19 2025 Paul Howarth <paul@city-fan.org> - 1.3.9-1
- Update to 1.3.9
- Use of HideNoAccess for SFTP sessions could lead to segfault and/or
unexpected behavior (GH#1855)
- Avoid NULL pointer dereferences in mod_ls (GH#1866, CVE-2024-57392)
- Added Polish translation (Bug #4511)
- SFTP channel allocations can lead to high memory utilization over time
(GH#1876)
- Update libtool.m4 for better MacOSX support (GH#1878)
- Update mod_proxy to 0.9.5
- Implemented new IgnoreForeignAddress ProxyOption
- Fixed passive data transfers to backend IPv4 address when IPv6 support is
enabled
* Thu Dec 12 2024 Paul Howarth <paul@city-fan.org> - 1.3.9-0.3.rc3
- Update mod_vroot to 0.9.12
- Implement a realpath(3) callback for the FSIO API, for better
interoperability of other modules when mod_vroot is in effect
* Thu Dec 12 2024 Paul Howarth <paul@city-fan.org> - 1.3.9-0.2.rc3
- Update to 1.3.9rc3
- Bad handling of lack of extended attributes lead to SFTP out of memory
error (GH#1785)
- Using mod_facl and mod_vroot at same time caused unexpected permissions
issues (GH#1780)
- mod_sftp_sql logged "header value too long" due to unexpected key header
text (GH#1529)
- SFTP statvfs extension failed when mod_vroot was in use (GH#1792)
- Implement limits@openssh.com SFTP extension (GH#1798)
- Implement SFTPAuthPublicKeys directive for configuring the list of public
key algorithms allowed for authentication (GH#1806)
- Fix stack trace changing to directory with DisplayChdir file using %F
variable on a large filesystem (GH#1819)
- Remove inherited supplemental groups when started with root privileges
(GH#1836)
- SSH ECDSA host key algorithms were not being used as expected despite
configuring appropriate key (GH#1839)
- RADIUS Message-Authenticator verification failed with ProFTPD mod_radius
(GH#1840)
- Supplemental group inheritance granted unintended access to GID 0 due to
lack of supplemental groups from mod_sql (GH#1830)
* Fri Oct 11 2024 Paul Howarth <paul@city-fan.org> - 1.3.9-0.1.rc2
- Update to 1.3.9rc2
- Fix mod_tls build failing for OpenSSL before 1.1.x (Bug #4494)
- Fix mod_sftp not advertising standard extensions for protocol version 3
(GH#1570)
- Fix mod_sftp "check-file" extension using wrong block size when offset and
length are specified (GH#1569)
- Use JSON for Controls protocol messages (GH#379)
- Provide richer exit status values for ftpdctl for better scripting (GH#1114)
- Enforce requirement of preceding RewriteCondition for RewriteRule directives
to avoid confusion (Bug #4495)
- Implement LogFormat variable for data transfer average speed (GH#535)
- Optimize per-connection file I/O when reading SFTPHostKey from disk
(GH#1596)
- ProFTPD did not detect FIPS when using OpenSSL 3.x built with FIPS support
(GH#1610)
- Reduce latency due to signal handling in the daemon process (GH#1623)
- SSH key exchange requests should be classified into the "SEC" ExtendedLog
class (GH#1626)
- Update mod_exec to use the Jot API for resolving variables (GH#1630)
- Use system TCP backlog value by default (GH#1636)
- Gracefully handle directory creation requests when the directory already
exists (GH#1639)
- Remove asynchronous FTP responses emitted while computing digest values
(GH#1661)
- Support terminating connection after USER command when TLS is required
(GH#1640)
- Support OPTS commands for querying configured policy for resumed uploads,
downloads (GH#1676)
- MaxStoreFileSize for single user was not properly honored for SFTP uploads
(GH#1686)
- DisplayChdir using absolute path should work properly with DefaultRoot
(GH#1688)
- Clients should be disconnected when unable to be added to the
ScoreboardFile (GH#1700)
- Support injecting random delay when clients connect via DelayOnEvent
(GH#1701)
- Support OpenSSH FIDO security keys in mod_sftp (GH#1118)
- Support obtaining default UID/GID values for AD directories in mod_ldap
(GH#1716)
- Update upload progress in scoreboard when throttling (GH#1433)
- Null pointer reference encountered for FTPS connection due to config
parser ignoring Include file problem (GH#1721)
- Support the chacha20-poly1305@openssh.com SSH cipher (GH#456)
- mod_auth_otp should require per-user OTP entries by default (GH#1562)
- 1.3.9rc1 mod_sftp failed to compile if EVP_chacha20 was unavailable, as
when using older OpenSSL versions (GH#1730)
- Error resolving DNS name for implicit "server config" vhost lead to
DelayTable not being found (GH#1746)
- Log message for exceeding quota did not include the user/group/class quota
type (GH#1749)
- Build system failed for specific module names (GH#1756)
- "Terrapin" Prefix Truncation Attacks in SSH Specification affected mod_sftp
(CVE-2023-48795, GH#1760)
- Additional C compatibility fix
* Fri Oct 11 2024 Paul Howarth <paul@city-fan.org> - 1.3.8b-8
- Drop EL-7 support
- Drop mod_geoip support
- Drop mod_wrap support
- Always build mod_proxy
- Always use libpcre2
- Always use maridb client library in preference to mysql
- Always use libpq client library in preference to postgresql
- Always use OpenSSL Cipher Profiles
- Explicitly switch from libmemcached to libmemcached-awesome from Fedora 35
onwards
* Fri Jul 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.8b-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed Jul 10 2024 Paul Howarth <paul@city-fan.org> - 1.3.8b-6
- Fix support for building with no ENGINE support in OpenSSL (GH#1816)
- Avoid potential null pointer dereference in mod_tls and mod_proxy (GH#1817)
/usr/lib/.build-id /usr/lib/.build-id/e8 /usr/lib/.build-id/e8/fe65173301198404c0fcfe69bdf9e2592a84b3 /usr/libexec/proftpd/mod_proxy.so /usr/share/doc/proftpd-proxy /usr/share/doc/proftpd-proxy/README.md
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat May 2 05:56:14 2026