From: TJ S. <tj...@ca...> - 2023-12-20 04:41:12
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, ProFTPD community. The ProFTPD Project team is pleased to announce that the second release candidate for ProFTPD 1.3.9 is now available for public consumption. You can download 1.3.9rc2, including PGP signature, from GitHub: https://github.com/proftpd/proftpd/archive/v1.3.9rc2.tar.gz Alternatively, you can download proftpd from the main site: ftp://ftp.proftpd.org/distrib/source The 1.3.9rc2 release includes security fixes, and other bugfixes, including: + Addressing "Terrapin" SSH attack (CVE-2023-48795) + Fixed builds for ChaChaPoly SSH support using older OpenSSL versions Please read the included NEWS and RELEASE_NOTES files for the full details. The SHA256 sum for the source tarball is: ffec3df8dc9f727203255b467bba9404b17b9ea3b61715ceb477c2417e081b76 proftpd-1.3.9rc2.tar.gz The PGP signature for the source tarball is: proftpd-1.3.9rc2.tar.gz: -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iEYEABECAAYFAmWCarIACgkQt46JP6URl2oNkgCfeyPsyKljSwK36TiTZu16wAGY ZG0AoPx8OnkjA5m4rz42qQxozY9B+MpK =bMjA -----END PGP SIGNATURE----- My PGP key has been used to sign the source tarballs as well as this announcement; it is available via MIT's public keyserver. -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iEYEARECAAYFAmWCbBgACgkQt46JP6URl2oLNQCgv4PS+58YzNJCWYVzizji5Tuk +xQAnRLPvYfgDtNe3c4gqkz1e7ct+kfp =Uxk+ -----END PGP SIGNATURE----- |