- Issued:
- 2012-02-20
- Updated:
- 2012-02-20
RHBA-2012:0187 - Bug Fix Advisory
Synopsis
vsftpd bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated vsftpd package that fixes three bugs and adds three enhancements is
now available for Red Hat Enterprise Linux 5.
Description
The vsftpd package includes a Very Secure FTP (File Transfer Protocol) daemon.
This update fixes the following bugs:
- The "delay_failed_login" and "max_login_fails" options, which can be set in
the vsftpd.conf file, did not work correctly. Consequently, the user had an
unlimited number of login attempts if the "userlist_enabled=YES" and
"userlist_deny=NO" rules were specified in the vsftpd.conf file. The vsftpd
daemon now properly uses a delay between two unsuccessful login attempts and
also refuses any connection after a specified number of unsuccessful login
attempts. (BZ#513828)
- The vsftpd daemon did not handle file transfer failures correctly if the
ftp-data port was blocked on the FTP client. As a consequence, vsftpd became
unresponsive under these circumstances. The updated vsftpd daemon now reports
such failures to the FTP client and the data transfer is terminated as expected.
(BZ#717409)
- An attempt to list files could lead to a data type overflow error if a
directory contained files with owner's UID or GID that was higher then the
maximum value of the "signed int" data type (that is 2147483647). Subsequently,
the FTP connection was terminated. With this update, vsftpd has been modified to
support UIDs and GIDs up to the maximum value of the "unsigned int" data type
(that is 4294967294). Directory content is now listed as expected in the
scenario described. (BZ#759364)
In addition, this update adds the following enhancements:
- The vsftpd server previously did not support the UTF-8 feature. This update
implements the UTF-8 feature for the vsftpd server in accordance with the
Internationalization of the File Transfer Protocol (RFC 2640) standard.
(BZ#638873)
- The "ls" command previously did not support square brackets as wildcard
characters in FTP connections. This update improves wildcard characters support
in vsftpd and square brackets can now be used in regular expressions with the
"ls" command accordingly. (BZ#641239)
- With this update, vsftpd introduces the new "ssl_request_cert" option, which
enables vsftpd to request certificates on incoming SSL connections. (BZ#644083)
All users of vsftpd are advised to upgrade to this updated package, which fixes
these bugs and adds these enhancements.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 641239 - [RFE] vsftpd can not handle square brackets in ls
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
vsftpd-2.0.5-24.el5.src.rpm | SHA-256: 4e502e4058fd021fa6c620290b41f2aacd81ff8e90e32ab864a47ad4c4d20998 |
x86_64 | |
vsftpd-2.0.5-24.el5.x86_64.rpm | SHA-256: 2244575109610c16d4be16aa1285ed44d49beb583ecf003dcf8a26c3b3a3ffd6 |
ia64 | |
vsftpd-2.0.5-24.el5.ia64.rpm | SHA-256: 8f7402fe660b0105e2ab27533d0e55202207dbe3e4dd0312984816b1b16bf803 |
i386 | |
vsftpd-2.0.5-24.el5.i386.rpm | SHA-256: ad4a470d899590099a9776658d3b31e118e58ea34997a476d90c835d00210fbc |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
vsftpd-2.0.5-24.el5.src.rpm | SHA-256: 4e502e4058fd021fa6c620290b41f2aacd81ff8e90e32ab864a47ad4c4d20998 |
x86_64 | |
vsftpd-2.0.5-24.el5.x86_64.rpm | SHA-256: 2244575109610c16d4be16aa1285ed44d49beb583ecf003dcf8a26c3b3a3ffd6 |
i386 | |
vsftpd-2.0.5-24.el5.i386.rpm | SHA-256: ad4a470d899590099a9776658d3b31e118e58ea34997a476d90c835d00210fbc |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
vsftpd-2.0.5-24.el5.src.rpm | SHA-256: 4e502e4058fd021fa6c620290b41f2aacd81ff8e90e32ab864a47ad4c4d20998 |
s390x | |
vsftpd-2.0.5-24.el5.s390x.rpm | SHA-256: 984302896c014519b7dfec29f0f13dee3491669535e69c6ba1782633f0b3f79e |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
vsftpd-2.0.5-24.el5.src.rpm | SHA-256: 4e502e4058fd021fa6c620290b41f2aacd81ff8e90e32ab864a47ad4c4d20998 |
ppc | |
vsftpd-2.0.5-24.el5.ppc.rpm | SHA-256: c64d1d7e801d20e984563400eda4dff85758590d8c2b59f58cfacb4cd2a52ab5 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
vsftpd-2.0.5-24.el5.src.rpm | SHA-256: 4e502e4058fd021fa6c620290b41f2aacd81ff8e90e32ab864a47ad4c4d20998 |
x86_64 | |
vsftpd-2.0.5-24.el5.x86_64.rpm | SHA-256: 2244575109610c16d4be16aa1285ed44d49beb583ecf003dcf8a26c3b3a3ffd6 |
i386 | |
vsftpd-2.0.5-24.el5.i386.rpm | SHA-256: ad4a470d899590099a9776658d3b31e118e58ea34997a476d90c835d00210fbc |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.