Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: proftpd-d...@packages.debian.org
Control: affects -1 + src:proftpd-dfsg

[ Reason ]
In Proftp 1.3.8 the buffer size for SSL communication is set too small, so some SFTP client connections fail in case the "KEXINIT" messages from both sides are too large. The patch solves the regression, which was caused by the bullseye -> bookworm upgrade.

[ Impact ]
Currently in some situations (large "KEXINIT" messages from both sides) the SSL communication may fail.

[ Tests ]
I provided a fixed package to the bug submitter for testing. He confirmed that his specific issue is solved. The package itself passes the built-in test suite.

[ Risks ]
The patch is trivial; there are no real functional changes, but rather changes in buffer sizes.

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

Debdiff is here:
https://release.debian.org/proposed-updates/bookworm_diffs/proftpd-dfsg_1.3.8+dfsg-4+deb12u2.debdiff

[ Changes ]
The patch extends the buffer length to do SSL computation. In Proftp 1.3.8 the size is set too small, so some SFTP client connections fail. The patch solves the regression, which was caused by the bullseye -> bookworm upgrade.