- security isseus
  . CVE-2020-9273 pool.c alloc_pool() Function Data Transfer Channel Interrupting
                  Use-after-free Remote Code Execution

- update 1.3.5e
- security issues
  . CVE-2017-7418 "AllowChrootSymlinks off" checking each component for symlinks

- update 1.3.5b
- fixed official bugs
  Bug 4254 - SSH rekey during authentication can cause issues with clients
  Bug 4257 - Recursive SCP uploads of multiple directories not handled properly
  Bug 4259 - LIST returns different results for file, depending on path syntax.
  Bug 4255 - 'AuthAliasOnly on' in server config breaks anonymous logins.

- update 1.3.4e
- fixed bugs
  Bug 3945 - Spurious log messages at session close.
  Bug 3947 - LogFormat %f variable not resolved properly for SFTP renames.
  Bug 3858 - mod_delay allows too-large values, leading to client hang on
             authentication.
  Bug 3951 - Null pointer dereference for mod_ldap logins when
             LDAPDefaultAuthScheme not configured.
  Bug 3954 - scp downloads result in segfault.
  Bug 3957 - ProFTPD configuration with thousands of <Directory>/<Limit>
             sections leads to slow logins.
  Bug 3959 - mod_sftp does not honor <Directory>/<Limit> sections when symlinks
             are involved.
  Bug 3958 - Directory creation does not honor single-parameter Umask setting.
  Bug 3962 - Directory creation fails (chmod(2) EPERM) when root privs are used
             in some cases.
  Bug 3972 - Authentication error on Cygwin due to bad code.
  Bug 3973 - mod_sftp can be forced to allocate too much memory for
             keyboard-interactive authentication.
  Bug 3974 - PathDenyFilter directive does not work as expected for SFTP
             sessions.
  Bug 3963 - Improve permission setting when creating directories.
  Bug 3981 - Null pointer dereference in mod_exec with ExecOption useStdin.
  Bug 3986 - Support filesystems which do not support chmod(2)/chown(2),
             e.g. FAT/ExFAT.
  Bug 3991 - SSL session caching modules use incorrect OpenSSL cache mode flags,
             breaking session caching.
  Bug 3970 - ProFTPD should not use fd 2 (stderr) for files.
  Bug 3992 - RSA signature issue when connecting using PuTTY/WinSCP.
  Bug 4001 - mod_sftp fails key exchange for 8192-bit DH group.
  Bug 4004 - IgnoreSCPUploadPerms SFTPOption not honored properly for SCP
             directory upload.
  Bug 4006 - RADIUS "service-type" attribute encoded with wrong length on
             64-bit system.
  Bug 4013 - SCP upload of shorter file does not completely overwrite existing
             file of same name.
  Bug 4022 - "Directory not empty" error when creating directory is misleading.
  Bug 4032 - Restarting proftpd with mod_sftp fails due to permissions on
             SFTPHostKey file.
  Bug 4034 - SSH publickey authentication fails with "MaxLoginAttempts 1".
  Bug 4046 - ALLO command failed because of bad size check.
  Bug 4048 - Race condition in mod_ban can lead to segfault of all new
             connections.
  Bug 4042 - MIC command between RNFR and RNTO should not be rejected.
  Bug 4044 - mod_facl prevents a normal SIGHUP reload.

- update 1.3.4d
- [mod_timelimit] log_auth symbol lookup error
- [mod_anontype] log_auth symbol lookup error
- security isseus
  . CVE-2011-4130 Fixed response pool use-after-free issue
  . CVE-2011-1137 badly formed SSH messages cause DoS
  . CVE-2010-3867 Fixed directory traversal bug in mod_site_misc
  . ZDI-CAN-925 Fixed Telnet IAC stack overflow vulnerability
- fixed official bugs
  . #4014 CommandBufferSize should override PR_DEFAULT_CMD_BUFSZ
  . #4022 "Directory not empty" error when creating directory is misleading

- man-pages-ko 패키지와 의존성 충돌 문제 해결

- update 1.3.3g