RHBA-2010:0410 - Bug Fix Advisory

Topic

An updated vsftpd package that fixes two bugs is now available.

Description

The vsftpd package includes a Very Secure FTP (File Transfer Protocol) daemon.

This updated vsftpd package includes fixes for the following bugs:

• when the "connect_from_port_20" directive in the vsftp.conf configuration file

was set to "NO", and other directives were set to certain values, the vsftpd
daemon would disconnect clients immediately after establishing the connection.
With this update, setting "connect_from_port_20=NO" in vsftpd.conf no longer
results in such disconnects, and clients are again able to successfully
establish connections.
(BZ#580055)

• when the "background" directive in the vsftpd.conf configuration file is set

to "YES", the vsftpd startup script forks, creating a child process (the vsftpd
daemon) which immediately sends the SIGUSR1 signal to its parent process, which
exits upon receiving it. When "background=NO" was specified in vsftpd.conf, the
startup script did not fork, but still sent the SIGUSR1 signal to its parent
process, which could have been any process that started the vsftpd process. A
parent process which did not explicitly handle SIGUSR1 would exit upon receiving
this signal. This update ensures that when "background=NO" is specified in
vsftpd.conf, the vsftpd process running in the foreground does not send the
SIGUSR1 signal to its parent process, thus avoiding potentially causing that
process to exit. (BZ#580396)

All users of vsftpd are advised to upgrade to this updated package, which
resolves these issues.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 580055 - [RHEL5] vsftpd prematurely closes connection just before processing of post-auth commands
• BZ - 580396 - vsftpd issues in RHEL5.4

CVEs

(none)

References

(none)