Arch Linux User Repository

1.3.8b - Released 19-Dec-2023
--------------------------------
- Issue 1735 - Compiling ProFTPD 1.3.8a mod_sftp, mod_tls using libressl 3.7.3
  fails.
- Issue 1756 - Build system fails for specific module names.
- Issue 1760 - mod_sftp is affected by "Terrapin" Prefix Truncation Attacks in
  SSH Specification (CVE-2023-48795).

That sounds like a yay bug. vercmp 1.3.8 1.3.8a outputs 1 so it's known to be a new version. Bumping pkgrel should work and is more sane than bumping the epoch.

For me, yay was adamant at wanting to build proftpd-2:1.3.8-1 instead of proftpd-2:1.3.8a-1 until I manually deleted the /home/builduser/.cache/yay/proftpd directory.

Maybe the epoch needs to be incremented to fix this, the change history indicates that there was the same problem when this package was updated from upstream version 1.3.6 to 1.3.6a.

mod_sql_passwd module is missing in PKGBUILD

Edit: Created an upstream issue report, 550 PWD: Permission denied for initial directory listing since 1.3.8.

Upgrading from proftpd-2:1.3.7e-1 to proftpd-2:1.3.8-1 causes a fatal regression for me, in that the users cannot list the shared root directory any more. I have manually downgraded to proftpd-2:1.3.7e-1 until I can figure out what is going on.

My current suspicions are a towards a regression with the mod_facl.c module as I am using ACL to control file access, which might be a rather uncommon setup, and I seriously doubt a regression this severe would not have been found before releasing 1.3.8.

With 1.3.7e (good):

Status: Resolving address of XXXXXXXXX.XXX
Status: Connecting to [XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX]:XXXXX...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Status: Directory listing of "/" successful

With 1.3.8 (bad):

Status: Resolving address of XXXXXXXXX.XXX
Status: Connecting to [XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX]:XXXXX...
Status: Connection established, waiting for welcome message...
Status: Initializing TLS...
Status: TLS connection established.
Status: Logged in
Status: Retrieving directory listing...
Command:    PWD
Response:   550 PWD: Permission denied
Error:  Failed to retrieve directory listing

proftpd-git is compatible with OpenSSL 3

you need to install openssl-1.1 to make proftpd run again after recent arch update...

@maid: Then it is likely an upstream issue.

2:1.3.7c-1. Proftpd won't start with my custom config. He will start with default config only.

using TCP send buffer size of 16384 bytes mod_sftp/1.0.1: using OpenSSL 1.1.1l 24 Aug 2021 mod_sftp/1.0.1: using libsodium-1.0.18 mod_tls/2.9: using OpenSSL 1.1.1l 24 Aug 2021 mod_deflate/0.6: using zlib 1.2.11 mod_redis/0.2.2: using hiredis-1.0.0 disabling runtime support for IPv6 connections <IfModule>: using 'mod_lang.c' section at line 50 <IfModule>: using 'mod_unique_id.c' section at line 59 <IfModule>: using 'mod_ban.c' section at line 65 <IfModule>: skipping 'mod_ident.c' section at line 199 <IfModule>: using 'mod_unique_id.c' section at line 215 ROOT PRIVS at mod_auth_file.c:1565 RELINQUISH PRIVS at mod_auth_file.c:1568 ROOT PRIVS at mod_auth_file.c:1433 RELINQUISH PRIVS at mod_auth_file.c:1436 -----BEGIN STACK TRACE----- -----END STACK TRACE----- ProFTPD terminating (signal 11) ROOT PRIVS at signals.c:59 ProFTPD terminating (signal 11) ROOT PRIVS at signals.c:59 RELINQUISH PRIVS at signals.c:85 ProFTPD 1.3.7c standalone mode SHUTDOWN ROOT PRIVS at signals.c:92 RELINQUISH PRIVS at signals.c:94

Just updated to 1.3.7c.

@maid: This latest version builds, installs, and runs correctly on my machine. Please check if things look better after the update. Best.