This update addresses CVE-2009-3555 (SSL/TLS renegotiation vulnerability), mitigating the problem by refusing all client-initiated SSL/TLS session renegotiations.
This update to the latest maintenance release also fixes a number of bugs recorded in the proftpd bug tracker:
Finally, the behaviour of the MLSD FTP command (used in many modern FTP clients to list directories) is fixed for the case when the FTP server's configuration disallows its usage (using a <Limit> clause) in some but not all places (#544002).
Please login to add feedback.
This update has been pushed to testing
This update has been submitted for stable.
This update has been pushed to stable