- Issued:
- 2012-02-20
- Updated:
- 2012-02-20
RHBA-2011:1541 - Bug Fix Advisory
Synopsis
lftp bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated lftp package that fixes various bugs is now available for Red Hat
Enterprise Linux 5.
Description
LFTP is a sophisticated file transfer program for the FTP and HTTP protocols.
Like bash, it has job control and uses the readline library for input. It has
bookmarks, built-in mirroring, and can transfer several files in parallel. It is
designed with reliability in mind.
This updated lftp package includes fixes for the following bugs:
- The GnuTLS library does not support some previously offered TLS ciphers. As a
consequence, some users experienced the error message, "Fatal error:
gnutls_handshake: A TLS fatal alert has been received", when attempting to use
SSL. With this update, it is now possible to force an SSLv3 connection instead
of TLS using the "set ftp:ssl-auth SSL" configuration directive for servers
without support for any of the TLS ciphers listed. This works both for implicit
and explicit FTPS. (BZ#532099)
- Prior to this update, the lftp client was not able to support "CLEAR COMMAND
CHANNEL" (CCC) mode (RFC4217). Without CCC, Layer 7 aware firewalls cannot see
the PASV port statements necessary to open the requisite data ports for
transfers. This updated package fixes the described weakness and the lftp client
supports CCC mode as intended. As a result data transfers through Layer 7 aware
firewalls no longer fail in the scenario described. (BZ#570495)
- Prior to this update, when the lftp client was started with the "-e" option
and the mget command was used, the returned exit status code was zero,
(success), when creating a connection to a URL had failed due to the specified
URL being non-existent. This update applies a patch that improves the error
handling in mget. As a result, the lftp client now returns exit status code '1',
indicating a failure, when creating a connection fails in the scenario
described. (BZ#727435)
All users of lftp are advised to upgrade to this updated package, which fixes
these bugs.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 532099 - lftp doesn't work with ssl since RHEL 5.4
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
| SRPM | |
|---|---|
| lftp-3.7.11-7.el5.src.rpm | SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731 |
| x86_64 | |
| lftp-3.7.11-7.el5.x86_64.rpm | SHA-256: d06a1c9765ae466f2f8a7059892e5aed1b0f4a8f9575f86f961c0c102d4ef2e7 |
| ia64 | |
| lftp-3.7.11-7.el5.ia64.rpm | SHA-256: c5e45d240738b0ef52809cfba01b808b361a45474f76e52748abeb2a10c25166 |
| i386 | |
| lftp-3.7.11-7.el5.i386.rpm | SHA-256: 187d7a43cf5011767b328c5942d0059a67cd636acfbb850c570ee2fcd5257d18 |
Red Hat Enterprise Linux Workstation 5
| SRPM | |
|---|---|
| lftp-3.7.11-7.el5.src.rpm | SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731 |
| x86_64 | |
| lftp-3.7.11-7.el5.x86_64.rpm | SHA-256: d06a1c9765ae466f2f8a7059892e5aed1b0f4a8f9575f86f961c0c102d4ef2e7 |
| i386 | |
| lftp-3.7.11-7.el5.i386.rpm | SHA-256: 187d7a43cf5011767b328c5942d0059a67cd636acfbb850c570ee2fcd5257d18 |
Red Hat Enterprise Linux Desktop 5
| SRPM | |
|---|---|
| lftp-3.7.11-7.el5.src.rpm | SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731 |
| x86_64 | |
| lftp-3.7.11-7.el5.x86_64.rpm | SHA-256: d06a1c9765ae466f2f8a7059892e5aed1b0f4a8f9575f86f961c0c102d4ef2e7 |
| i386 | |
| lftp-3.7.11-7.el5.i386.rpm | SHA-256: 187d7a43cf5011767b328c5942d0059a67cd636acfbb850c570ee2fcd5257d18 |
Red Hat Enterprise Linux for IBM z Systems 5
| SRPM | |
|---|---|
| lftp-3.7.11-7.el5.src.rpm | SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731 |
| s390x | |
| lftp-3.7.11-7.el5.s390x.rpm | SHA-256: 848dc31c86715b01be9df9f6e3826fce511222a68168c48cd85cc02c3f4dd93f |
Red Hat Enterprise Linux for Power, big endian 5
| SRPM | |
|---|---|
| lftp-3.7.11-7.el5.src.rpm | SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731 |
| ppc | |
| lftp-3.7.11-7.el5.ppc.rpm | SHA-256: 0180db5d99746cf6d3d6d1c92c312ad896f700567fe8c20a7a5dc41de2542013 |
Red Hat Enterprise Linux Server from RHUI 5
| SRPM | |
|---|---|
| lftp-3.7.11-7.el5.src.rpm | SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731 |
| x86_64 | |
| lftp-3.7.11-7.el5.x86_64.rpm | SHA-256: d06a1c9765ae466f2f8a7059892e5aed1b0f4a8f9575f86f961c0c102d4ef2e7 |
| i386 | |
| lftp-3.7.11-7.el5.i386.rpm | SHA-256: 187d7a43cf5011767b328c5942d0059a67cd636acfbb850c570ee2fcd5257d18 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
