Bug#911875: proftpd-basic (mod_sftp) is missing important upstream fixes for an OpenSSL API change
rhargrave
roman at hargrave.info
Thu Oct 25 21:05:58 BST 2018
That's good. To verify, we are talking about commit e2f77c0 (https://github.com/proftpd/proftpd/commit/e2f77c00e217eeb94459e104322b9a7d02c257e0)?
---- On Thu, 25 Oct 2018 15:02:09 -0500 Hilmar Preuße <hille42 at web.de> wrote ----
> tags 911875 + pending
> stop
>
> On 25.10.2018 18:25, rhargrave wrote:
>
> Hi,
>
> > The distribution of proftpd mod_sftp presently in Buster/Sid is
> > critically flawed. Clients that use DSA and ECDSA keys may have
> > issues connecting. This was caused by an OpenSSL API change (upstream
> > states OpenSSL 1.1.x is affected).
> >
> > The fix should be as straightforward as cherry picking the upstream
> > commit. I will be testing this patch with the debian source code
> > shortly.
> >
> Thanks for the report!
>
> I've pulled the fix from upstream and it is sitting in our salse repo
> since May [1]. I have to check if the current state is ready for
> release. If yes, expect a fix ASAP. I tag that bug pending for now and
> add the bug number to our changelog.
>
> Hilmar
>
> [1]
> https://salsa.debian.org/debian-proftpd-team/proftpd/commit/a74b8f3d60f67cec43502bf4d0e1065c5a3101d8
> --
> #206401 http://counter.li.org
>
>
More information about the Pkg-proftpd-maintainers
mailing list