Monday 9th October 2023
Fedora Project
Updated proftpd to 1.3.8a in F-38, F-39, Rawhide and EPEL-9:
- Fix mod_sftp failure to handle SFTP requests to truncate files to zero size (GH#1581)
- Fix mod_sftp improperly handling SFTP WRITE requests for files opened for appending (GH#1584)
- Build-time detection of Linux POSIX ACL support was broken since 1.3.8rc2 (GH#1568)
- Fix failure to load mod_rewrite as a dynamic module due to incomplete/missing library linker flags (GH#1590)
- <Class> section is allowed to be in <Global>, but From directive is not (GH#1597)
- ExtendedLog SSH, SFTP classes not working as expected (GH#1617)
- Fix mod_sftp not handling multiple concurrent open file handles/transfers well for logging (GH#1646)
- "TLSRequired off" plus Protocols directive caused mod_tls to terminate the session abruptly (GH#1679)
- Fix mod_tls failure to compile against OpenSSL 3.0.8 due to missing ENGINE_METHOD_ flags (GH#1689)
- Unknown named connection error when using different SQL backends (GH#1659)
- Fix mod_sql not properly closing all named backend connections on session exit (GH#1697)
- SSH key exchanges failed unexpectedly with "unable to write X bytes of raw data" errors due to small ProFTPD buffer (GH#1694)
- Fix high session memory usage caused by SFTP outgoing data buffering (GH#1678)
- Out-of-bounds buffer read when handling FTP commands (GH#1683)
- SFTP algorithm settings in <Global> section were not being used (GH#1712)
Local Packages
Updated c-ares to 1.20.1:
- This is a feature and bugfix release with some significant internal changes
- Update from 1989 MIT license text to modern MIT license text
- Remove acountry from built tools as nerd.dk is gone
- Add new ARES_OPT_UDP_MAX_QUERIES configuration option to limit the number of queries that can be made from a single ephemeral port
- Default per-query timeout has been reduced to 2s with a 3x retry count
- Modernization: start implementing some common data structures that are easy to use and hard to misuse, which will make code refactoring easier and remove some varied implementations in use; this change also makes ares_timeout() more efficient
- Use SPDX identifiers and a REUSE CI job to verify
- rand: Add support for getrandom()
- TCP back to back queries were broken
- Ensure queries for ares_getaddrinfo() are not requeued during destruction
- ares_getaddrinfo() should not retry other address classes if one address class has already been returned
- Avoid production of ill-formed result when qualifying a name with the root domain
- Fix missing prefix for CMake generated libcares.pc
- DNS server ports will now be read from system configuration instead of defaulting to port 53
- Remove some unreachable code
- Replace usages of sprintf with snprintf
- Fix Watcom instructions and update Windows URLs
- Resolve use-after-free issue when TCP connection is terminated before a response is returned
- Reduce number of queries for a load test case to prevent overloading some build systems
- Fix fuzz test build target
Updated perl-EV to 4.33:
- The EV::stat->path method erroneously freed the result, causing corruption
- New function EV::Child::reinit
Updated proftpd to 1.3.8a as per the Fedora version