Debian Patches

Status for proftpd-dfsg/1.3.7a+dfsg-12+deb11u5

Search:

Patch	Description	Author	Forwarded	Bugs	Origin	Last update
0021-PATCH-Issue-1830-When-no-supplemental-groups-are-pro.patch	[PATCH] Issue #1830: When no supplemental groups are provided by the underlying authentication providers, fall back to using the primary group/GID. (#1835) This prevents surprise due to inheritance of the parent processes' supplemental group membership, which might inadvertently provided undesired access.	TJ Saunders <tj@castaglia.org>	yes	upstream	backport, https://github.com/proftpd/proftpd/commit/5031d498a71c493b9659e2b5ccafde58b0897e30	2024-11-13
0036-Fix-blastradius-followup.patch	Fix blastradius followup Blastradius fixes break proftpd Fix the computation of the RADIUS Message-Authenticator signature to conform more properly to RFC 2869	TJ Saunders <tj@castaglia.org>	yes	upstream	backport, https://github.com/proftpd/proftpd/commit/fb922fd3bd2239be1e2512e33af515e4d674ebe3	2024-10-26
2eadd82f392573235432a9cb60266f6472d08884.diff	[PATCH] Issue #1074: Properly handle the `TLSCertificateChainFile` directive when SNI is used.	TJ Saunders <tj@castaglia.org>	no			2020-08-16
3c73f39f0db6724db597646eb6e476278f76edf5.diff	[PATCH] Bug #4405: Allocate the algorithm name strings for ciphers, MACs out of pools other than the KEX pool, as the strings have different lifetimes.	TJ Saunders <tj@castaglia.org>	no			2020-08-08
97bbe68363ccf2de0c07f67170ec64a8b4d62592.diff	[PATCH] Issue #1683: Avoid an edge case when handling unexpectedly formatted input text from client, caused by quote/backslash semantics, by skipping those semantics.	TJ Saunders <tj@castaglia.org>	no			2023-08-06
autotools	Do not touch config.h.in and stamp-h.in. Also export dpkg build flags. ===================================================================	Francesco Paolo Lovergine <frankie@debian.org>	not-needed
bcec15efe6c53dac40420731013f1cd2fd54123b.diff	===================================================================		no
change_pam_name	Change pam name ftp -> proftpd	Francesco Paolo Lovergine <frankie@debian.org>	not-needed
CVE-2024-57392.patch	[PATCH] Issue #1866: Some of the fuzzing tests submitted in the advisory ran into existing null pointer dereferences (not buffer overflows); let's correct them. (#1867)	TJ Saunders <tj@castaglia.org>	yes	upstream	https://github.com/proftpd/proftpd/commit/981a37916fdb7b73435c6d5cdb01428b2269427d	2025-02-09
ftpasswd.cracklib.location	Change the default location of the cracklib dictionaries to match their Debian location ===================================================================	Paul Martin <pm@debian.org>	not-needed	debian
ftpstats	Fixes default xferlog pathname in ftpstats	Francesco Paolo Lovergine <frankie@debian.org>	not-needed	debian
issue-1171.patch	Issue #1171: Only set the `SO_REUSEPORT` socket option for active data transfers. Proftpd does use the same server port for multiple passive FTP connections. Even when executing multiple simultaneous FTP sessions from different clients. This does break simultaneous passive FTP connections, file listings and transfers.	TJ Saunders <tj@castaglia.org>	yes	upstream	backport, https://github.com/proftpd/proftpd/commit/57ae0b5ecd2f3e3cc85a87f6b9713bf8d1480dc2	2021-03-03
mod_sql_mysql.c			no
mod_wrap_noparanoid	avoid builtin paranoid checking in libwrap. ===================================================================	Francesco Paolo Lovergine <frankie@debian.org>	not-needed	debian
odbc	Manage automagically unixodbc library linking ===================================================================	Francesco Paolo Lovergine <frankie@debian.org>	not-needed	debian
pr_1094.diff	[PATCH] Issue #1079: Improve prxs detection of `configure` scripts for modules.	TJ Saunders <tj@castaglia.org>	no			2020-08-30
proftpd-mysql-password-backend.diff	Reintroduce "SQLAUthTypes Backend" with MySQL database===================================================================	Andreas Trottmann <andreas.trottmann@werft22.com>	invalid	debian
upstream_1061	[PATCH] Issue #1061: While investigating some reported issues with Ed25519 keys and mod_sftp, I reproduced one segfault when verifying such keys during publickey authentication.	TJ Saunders <tj@castaglia.org>	no			2020-07-25
upstream_1063	[PATCH] Issue #1063: Avoid segfaults for TLSv1.3 data transfers in our session tickey callback by checking the status before using SSL_SESSION pointer.	TJ Saunders <tj@castaglia.org>	no			2020-07-25
upstream_1070	[PATCH] Issue #1070: Implement support for Redis 6.x AUTH semantics.	TJ Saunders <tj@castaglia.org>	no			2020-07-26
upstream_1149	[PATCH] Issue #1149: Skip escaping of already-escaped SQL text. The introduction of the Jot API added proper escaping of resolved text. However, the mod_quotatab_sql module was already escaping some of its text in INSERT statements (but, inconsistently, not in SELECT statements), thus the Jot API refactoring caused a regression.	TJ Saunders <tj@castaglia.org>	no			2020-11-03
upstream_1181	[PATCH] Issue #1111: Update our implementation of UMAC algorithm with upstream. At the same time, ensure the use of the `-fno-strict-aliasing` compiler option, where supported. We found that, with this combination of changes, even with the "buggy" gcc-10 versions, the `umac-64@openssh.com` SFTP algorithm works once more as expected.	TJ Saunders <tj@castaglia.org>	no			2021-03-03
upstream_1284	[PATCH] mod_radius: copy _only_ the password	Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com>	no			2021-08-03
wrong-path-for-interpreter_perl.diff			no

Showing 1 to 24 of 24 entries

All known versions for source package 'proftpd-dfsg'

1.3.9~dfsg-1 (experimental)
1.3.8.c+dfsg-2 (trixie, sid)
1.3.8+dfsg-4+deb12u4 (bookworm-security, bookworm)
1.3.7a+dfsg-12+deb11u5 (bullseye-security)
1.3.7a+dfsg-12+deb11u2 (bullseye)

Debian Patches

Status for proftpd-dfsg/1.3.7a+dfsg-12+deb11u5

All known versions for source package 'proftpd-dfsg'

Links