[Bug 1613737] Update Released

Brian Murray brian at ubuntu.com
Tue Nov 20 16:33:19 GMT 2018


The verification of the Stable Release Update for proftpd-dfsg has
completed successfully and the package has now been released to
-updates.  Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of ProFTPD
Maintainance Team, which is subscribed to proftpd-dfsg in Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

Status in Proftpd Dfsg:
  Fix Released
Status in proftpd-dfsg package in Ubuntu:
  Fix Released
Status in proftpd-dfsg source package in Xenial:
  Fix Released

Bug description:
  [Impact]

   * A bug exists in Proftpd version 1.3.5a. which causes FTP sessions
  to fail or timeout with strict clients

   * The package, as published in LTS, does not comply with the FTP
  protocol

   * Ported upstream patch and test changes

  [Test Case]

   * Connect to an affected server with ftptest.net

   * Prior to the patch, it will fail to perform an MLSD command with an
  explicit error and explanation

   * After the patch, this works as expected

  [Regression Potential]

   * Failures in SSL connection handling

  A bug exists in Proftpd version 1.3.5a. which causes ssl sessions to
  fail or timeout with some clients

  Excerpt from http://bugs.proftpd.org/show_bug.cgi?id=4202

  Server seems to send an improperly formatted response causing some clients to
  time out.

  Log from ftptest.net:
  [snip]
  Command: TYPE I
  Reply: 200 Type set to I
  Command: EPSV
  Reply: 229 Entering Extended Passive Mode (|||45766|)
  Command: MLSD
  Status: Data connection established.
  Reply: 150 Opening BINARY mode data connection for MLSD
  Error: Malformed directory listing
  Error: Line feed received without preceding carriage return

  This bug has been fixed upstream in version 1.3.5b I recommend getting
  this fixed this is causing a lot of havoc with my servers I've had to
  delay my rollout of 16.04 because of this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions



More information about the Pkg-proftpd-maintainers mailing list