On 9/16/19 3:53 PM, Thomas Deutschmann wrote: > Source: pure-ftpd > Severity: grave > Justification: causes non-serious data loss > > Dear Maintainer, > > please consider disabling TLS 1.3 support. > > While you added TLS 1.3 compatibility through bug 918630, this uncovered > a grave bug in pure-ftpd, see https://github.com/jedisct1/pure-ftpd/issues/102 > or https://bugzilla.redhat.com/show_bug.cgi?id=1654838#c5 > > It's fixed in newer pure-ftpd versions. However, it's not easy to backport > because upstream refactored TLS code while fixing this bug. > > That's why I am requesting to disable TLS 1.3 to avoid data loss.
So this affects the package version 1.0.47-3 in stable + testing?
And the problem is supposed to fixed in the latest version ... I will take
a look.
Regards
Racke
>
>
> -- System Information:
> Debian Release: 9.9
> APT prefers stable
> APT policy: (1001, 'stable'), (990, 'oldstable'), (500, 'oldstable-updates')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 4.9.0-9-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
signature.asc
Description: OpenPGP digital signature
