#acl PaulHowarth:read,write,admin,revert,delete All:read

=== Friday 21st February 2020 ===

==== Fedora Project ====

 * Updated `proftpd` (1.3.5e) in EPEL-7:
  * Fix compatibility with modern SFTP clients like !FileZilla:
  . `mod_sftp`: When handling the '`keyboard-interactive`' authentication mechanism, as used for (e.g.) PAM, make sure to properly handle `DEBUG`, `IGNORE`, `DISCONNECT` and `UNIMPLEMENTED` messages, per RFC 4253 ([[ProftpdBugzilla:4385|ProFTPD Bug#4385]])
  * Fix use-after-free vulnerability in memory pools during data transfer ([[CVE:2020-9273|CVE-2020-9273]], [[https://github.com/proftpd/proftpd/issues/903|GH#903]])
  . Backported fix from https://github.com/proftpd/proftpd/commit/e845abc1
 * Updated `proftpd` (1.3.3g) in EPEL-6:
  * Fix use-after-free vulnerability in memory pools during data transfer ([[CVE:2020-9273|CVE-2020-9273]], [[https://github.com/proftpd/proftpd/issues/903|GH#903]])
  . Backported fix from https://github.com/proftpd/proftpd/commit/e845abc1

==== Local Packages ====

 * Updated `perl-Module-CoreList` to 5.20200220:
  * Updated for v5.31.9
 * Updated `ppp` to 2.4.8:
  * New `pppd` options have been added:
   * `ifname`, to set the name for the PPP interface device
   * `defaultroute-metric`, to set the metric for the default route
   * `defaultroute6`, to add an IPv6 default route (with `nodefaultroute6` to prevent adding an IPv6 default route)
   * `up_sdnotify`, to have `pppd` notify `systemd` when the link is up
  * The `rp-pppoe` plugin has new options:
   * `host-uniq`, to set the `Host-Uniq` value to send
   * `pppoe-padi-timeout`, to set the timeout for discovery packets
   * `pppoe-padi-attempts`, to set the number of discovery attempts
  * Added the `CLASS` attribute in radius packets
  * Sundry bug fixes
  * Fixed warnings and issues found by static analysis
  * Added `Submitting-patches.md`
 . A patch was added to fix a buffer overflow in the `eap_request` and `eap_response` functions ([[CVE:2020-8597|CVE-2020-8597]])


----