Bug#991394: proftpd-basic: mod_sftp is missing an upstream fix: #866 "mod_sftp crashes when using pubkey-auth with DSA keys"
Anishchuk, Igor
igor.anishchuk at f-secure.com
Thu Jul 22 16:38:56 BST 2021
Package: proftpd-basic
Version: 1.3.6-4+deb10u5
Severity: normal
Dear Maintainer,
When connecting to proftpd daemon using SFTP protocol and authenticating
using a DSS key, the server process crashes with segmentation fault.
This is caused by an upstream issue #866
(https://github.com/proftpd/proftpd/issues/866) that is fixed in PR #867
(https://github.com/proftpd/proftpd/pull/867).
The issue happens in module mod_sftp that has an obvious copy-paste
error in the code. The upstream fix #867 reliably solves the issue.
With Best Regards,
Igor
More information about the Pkg-proftpd-maintainers
mailing list