Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

Fedora 23: Moderate ProFTPD Security Update for SSH Key and Bugs Fixes

fedora
Calendar Grey March 21, 2016
Dist Fedora Esm H88
Comprehensive update package for vsftpd on Fedora 23, resolving issues with DSA key management, XXXLRD output, and various patches.
Cumulative maintenance release from upstream

Summary

ProFTPD is an enhanced FTP server with a focus toward simplicity, security,

and ease of configuration. It features a very Apache-like configuration

syntax, and a highly customizable server infrastructure, including support for

multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory

visibility.

This package defaults to the standalone behavior of ProFTPD, but all the

needed scripts to have it run by systemd instead are included.

Update Information:

Cumulative maintenance release from upstream. Highlights are: * SSH RSA hostkeys smaller than 2048 bits now work properly. * MLSD response lines are now properly CRLF terminated. * Fixed selection of DH groups from TLSDHParamFile (CVE-2016-3125). Various other bug fixes are also included.

Change Log

References


[ 1 ] Bug #1317420 - CVE-2016-3125 proftpd: usage of 1024 bit DH key even with manual parameters set https://bugzilla.redhat.com/show_bug.cgi?id=1317420

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update proftpd' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: proftpd
Product: Fedora 23
Version: 1.3.5b
Release: 1.fc23
Summary: Flexible, stable and highly-configurable FTP server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.