Package: proftpd-core Version: 1.3.8+dfsg-4+deb12u4 Severity: important Tags: upstream fixed-upstream
Hi, proftpd before commit 3cf5ad4b7e6df0e5a980aeab9021ef25c63dbfd6 fails to validate the RADIUS MAC signature, when talking to current FreeRADIUS (f.e. 3.2.7). This is upstream bug https://github.com/proftpd/proftpd/issues/1840 and fixed upstream in 1.3.8 in https://github.com/proftpd/proftpd/commit/3cf5ad4b7e6df0e5a980aeab9021ef25c63dbfd6 I've confirmed that applying the upstream patch to the Debian package fixes the problem. Please consider applying the patch and updating the version in oldstable. Thanks, Chris
