Bug#671063: closed by Francesco Paolo Lovergine <frankie at debian.org> (Bug#671063: fixed in proftpd-dfsg 1.3.5~rc2-1)
Francesco P. Lovergine
frankie at debian.org
Fri Mar 8 22:47:02 UTC 2013
On Thu, Mar 07, 2013 at 07:32:32PM +0100, Jonas Smedegaard wrote:
> Quoting Debian Bug Tracking System (2013-03-07 14:51:03)
> > #671063: proftpd-basic: should renew dhparams.pem file (last updated
> > on 2008-09-07)
>
> [snip]
>
> > * New upstream pre-releaese.
> > (closes: #671063)
>
> Could you please elaborate on how more spefically this has been fixed?
>
> Do perhaps upstream now generate certificates during build, as I
> suggested?
>
Yes, on January.
> If they maybe simply ship with fresh prebuilt files, has any mechanism
> been put into place to ensure it does not silently bitrot again?
>
> Or put differently: Has this really been _fixed_ or only poked at?
>
A proper fix is only regenerating it on regular basis. It is out of question
doing that at every build, the process is too much intensive. Note that
AFAIK it has the same role of moduli in openssh-client, generated in 2011 last
time. Also it can be overriden by the admin as documented.
--
Francesco P. Lovergine
More information about the Pkg-proftpd-maintainers
mailing list