Monday 25th April 2022
Fedora Project
Updated perl-IO-Compress-Lzma to 2.103 in Rawhide (no changes)
Updated perl-PPI to 1.273 in Rawhide:
Whitespace in signatures is now preserved (GH#257)
Updated proftpd to 1.3.7d in F-34, F-35, F-36 and Rawhide:
Fix crash with long lines in AuthGroupFile due to large realloc(3) (GH#1321)
NLST did not behave consistently for relative paths (GH#1325)
Implement AllowForeignAddress class matching for passive data transfers (GH#1346)
DeleteAbortedStores removed successfully transferred files unexpectedly (Bug #4467)
Keepalive socket options should be set using IPPROTO_TCP, not SOL_SOCKET (GH#1401)
TCP keepalive SocketOptions should apply to control as well as data connection (GH#1402)
ProFTPD always used the same PassivePorts port for first transfer (GH#1396)
Name-based virtual hosts not working as expected after upgrade from 1.3.7a to 1.3.7b (GH#1369)
Updated proftpd to 1.3.8rc3 in EPEL-9:
Support SSH hostkey rotation via OpenSSH extensions (GH#1323)
NLST did not behave consistently for relative paths (GH#1325)
Support AES Galois Counter Mode (AES-GCM) in SSH; support for the "aes128-gcm@openssh.com" and "aes256-gcm@openssh.com" ciphers has been added to mod_sftp (Bug #3759)
Implement an LDAPConnectTimeout directive, to configure the timeout used when connecting to LDAP servers (GH#1333)
Implement OpenSSH "Encrypt-Then-MAC" (ETM) algorithm extensions (GH#1330)
Implement AllowForeignAddress class matching for passive data transfers (GH#1346)
Implement support for PCRE2 (GH#1353)
ProFTPD wouldn't start with several locales (Bug #4466)
Auth sources providing space-bearing user/group names caused compliance issues with MLSD/MLST responses (GH#1367)
DeleteAbortedStores removed successfully transferred files unexpectedly (Bug #4467)
Omit EPRT/EPSV from FEAT response when denied by <Limit> configuration (GH#1383)
Support uploading to symlinked files (GH#1379)
Keepalive socket options should be set using IPPROTO_TCP, not SOL_SOCKET (GH#1401)
TCP keepalive SocketOptions should apply to control as well as data connection (GH#1402)
ProFTPD always used the same PassivePorts port for first transfer (GH#1396)
mod_sftp needs to handle unknown SSH messages in an RFC-compliant manner, ignoring rather than disconnecting (GH#1410)
Improve handling of some globally applied configuration directives (GH#1418)
Name-based virtual hosts not working as expected after upgrade from 1.3.7a to 1.3.7b (GH#1369)
Local Packages
Updated perl-DateTime-Locale to 1.35:
The code passed to DateTime::Locale->load is now validated and untainted before using it to load and eval data from the filesystem (based on GH#30)
Updated perl-PPI to 1.273 as per the Fedora version
Updated proftpd to 1.3.7d as per the Fedora version
Updated proftpd to 1.3.8rc3 as per the EPEL-9 version