On Fri, Apr 05, 2019 at 01:46:23PM +0200, Markus Koschany wrote:
Hi,
Am 29.03.19 um 16:44 schrieb Francesco P. Lovergine:
On Thu, Mar 28, 2019 at 01:49:51PM +0100, Markus Koschany wrote:
Hello Francesco,
I intend to upgrade proftpd in Jessie to fix the memory leaks and
another unrelated issue. I think it would be best to backport the
version in testing. If you agree, I could also update proftpd in stable.
Please let me know if I can proceed.
A conservative approach would be using latest 1.3.5 version, instead of
1.3.6.
I have backported version 1.3.5e to Stretch. I don't have access to the
Git repository but I have uploaded the new package to people.debian.org.
https://people.debian.org/~apo/proftpd/
where you can grab the sources. There were at least three different
memory leak issues that were fixed. Two of them are related to the
mod_sftp module and this bug report, another one was in mod_facl. I
intend to contact the release team next week for a stretch-pu.
Regards,
Markus
That should be definitively the easiest solutions. Of course 1.3.5e does not
strictly fix only those three leaks, so that update could be non acceptable
for a secteam upload.
--
Francesco P. Lovergine
