- Issued:
- 2010-05-17
- Updated:
- 2010-05-17
RHBA-2010:0410 - Bug Fix Advisory
Synopsis
vsftpd bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated vsftpd package that fixes two bugs is now available.
Description
The vsftpd package includes a Very Secure FTP (File Transfer Protocol) daemon.
This updated vsftpd package includes fixes for the following bugs:
- when the "connect_from_port_20" directive in the vsftp.conf configuration file
was set to "NO", and other directives were set to certain values, the vsftpd
daemon would disconnect clients immediately after establishing the connection.
With this update, setting "connect_from_port_20=NO" in vsftpd.conf no longer
results in such disconnects, and clients are again able to successfully
establish connections.
(BZ#580055)
- when the "background" directive in the vsftpd.conf configuration file is set
to "YES", the vsftpd startup script forks, creating a child process (the vsftpd
daemon) which immediately sends the SIGUSR1 signal to its parent process, which
exits upon receiving it. When "background=NO" was specified in vsftpd.conf, the
startup script did not fork, but still sent the SIGUSR1 signal to its parent
process, which could have been any process that started the vsftpd process. A
parent process which did not explicitly handle SIGUSR1 would exit upon receiving
this signal. This update ensures that when "background=NO" is specified in
vsftpd.conf, the vsftpd process running in the foreground does not send the
SIGUSR1 signal to its parent process, thus avoiding potentially causing that
process to exit. (BZ#580396)
All users of vsftpd are advised to upgrade to this updated package, which
resolves these issues.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 580055 - [RHEL5] vsftpd prematurely closes connection just before processing of post-auth commands
- BZ - 580396 - vsftpd issues in RHEL5.4
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
vsftpd-2.0.5-16.el5_5.1.src.rpm | SHA-256: a65e02d3366a7c528af7eb809acf93b98a47b68e47f15c56880b91823d294bee |
x86_64 | |
vsftpd-2.0.5-16.el5_5.1.x86_64.rpm | SHA-256: d28a52beece222ce714c00cb9fd2e809385bf2a8222e8363e2caf66e7977a6ac |
ia64 | |
vsftpd-2.0.5-16.el5_5.1.ia64.rpm | SHA-256: 59533e09a9980620d97ebf07f41e818326662e0af6c0fe8860358fee79571d5a |
i386 | |
vsftpd-2.0.5-16.el5_5.1.i386.rpm | SHA-256: 1f739b6f8e7f40e43c8be0f06f6e97265eab3fc616ca729ec043476a6a348302 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
vsftpd-2.0.5-16.el5_5.1.src.rpm | SHA-256: a65e02d3366a7c528af7eb809acf93b98a47b68e47f15c56880b91823d294bee |
x86_64 | |
vsftpd-2.0.5-16.el5_5.1.x86_64.rpm | SHA-256: d28a52beece222ce714c00cb9fd2e809385bf2a8222e8363e2caf66e7977a6ac |
i386 | |
vsftpd-2.0.5-16.el5_5.1.i386.rpm | SHA-256: 1f739b6f8e7f40e43c8be0f06f6e97265eab3fc616ca729ec043476a6a348302 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
vsftpd-2.0.5-16.el5_5.1.src.rpm | SHA-256: a65e02d3366a7c528af7eb809acf93b98a47b68e47f15c56880b91823d294bee |
s390x | |
vsftpd-2.0.5-16.el5_5.1.s390x.rpm | SHA-256: 364b8b6b5e288301448af9754e66866a0765f42e6ebbde18d5309cd0825db8cd |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
vsftpd-2.0.5-16.el5_5.1.src.rpm | SHA-256: a65e02d3366a7c528af7eb809acf93b98a47b68e47f15c56880b91823d294bee |
ppc | |
vsftpd-2.0.5-16.el5_5.1.ppc.rpm | SHA-256: 55f66a0d176033ac0b88ace19b921b846cc549389efb30fef99c64a2ddcacdd2 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
vsftpd-2.0.5-16.el5_5.1.src.rpm | SHA-256: a65e02d3366a7c528af7eb809acf93b98a47b68e47f15c56880b91823d294bee |
x86_64 | |
vsftpd-2.0.5-16.el5_5.1.x86_64.rpm | SHA-256: d28a52beece222ce714c00cb9fd2e809385bf2a8222e8363e2caf66e7977a6ac |
i386 | |
vsftpd-2.0.5-16.el5_5.1.i386.rpm | SHA-256: 1f739b6f8e7f40e43c8be0f06f6e97265eab3fc616ca729ec043476a6a348302 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.