[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

Launchpad Bug Tracker 1613737 at bugs.launchpad.net
Tue Nov 20 16:33:12 GMT 2018 

This bug was fixed in the package proftpd-dfsg - 1.3.5a-1ubuntu0.1

---------------
proftpd-dfsg (1.3.5a-1ubuntu0.1) xenial; urgency=medium

  * Add upstream patch for CRLF to MLSD response (LP: #1613737).

 -- Brian Morton <bmorton at dvidshub.net>  Fri, 1 Dec 2017 16:05:00 -0500

** Changed in: proftpd-dfsg (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of ProFTPD
Maintainance Team, which is subscribed to proftpd-dfsg in Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

Status in Proftpd Dfsg:
  Fix Released
Status in proftpd-dfsg package in Ubuntu:
  Fix Released
Status in proftpd-dfsg source package in Xenial:
  Fix Released

Bug description:
  [Impact]

   * A bug exists in Proftpd version 1.3.5a. which causes FTP sessions
  to fail or timeout with strict clients

   * The package, as published in LTS, does not comply with the FTP
  protocol

   * Ported upstream patch and test changes

  [Test Case]

   * Connect to an affected server with ftptest.net

   * Prior to the patch, it will fail to perform an MLSD command with an
  explicit error and explanation

   * After the patch, this works as expected

  [Regression Potential]

   * Failures in SSL connection handling

  A bug exists in Proftpd version 1.3.5a. which causes ssl sessions to
  fail or timeout with some clients

  Excerpt from http://bugs.proftpd.org/show_bug.cgi?id=4202

  Server seems to send an improperly formatted response causing some clients to
  time out.

  Log from ftptest.net:
  [snip]
  Command: TYPE I
  Reply: 200 Type set to I
  Command: EPSV
  Reply: 229 Entering Extended Passive Mode (|||45766|)
  Command: MLSD
  Status: Data connection established.
  Reply: 150 Opening BINARY mode data connection for MLSD
  Error: Malformed directory listing
  Error: Line feed received without preceding carriage return

  This bug has been fixed upstream in version 1.3.5b I recommend getting
  this fixed this is causing a lot of havoc with my servers I've had to
  delay my rollout of 16.04 because of this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

More information about the Pkg-proftpd-maintainers mailing list