Cumulative bug-fix release from upstream. Includes fix for a possible SQL- injection issue via mod_sql (CVE-2026-42167). Note that mod_sql is not enabled by default.

Source: Fedora 42 ProFTPD Serious SQL Injection Vulnerability CVE-2026-42167