- Issued: 2012-06-20
- Updated: 2012-06-20
RHBA-2012:0790 - Bug Fix Advisory
Synopsis
vsftpd bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated vsftpd packages that fix multiple bugs are now available for Red Hat
Enterprise Linux 6.
Description
The vsftpd package provides the VSFTP (Very Secure File Transfer Protocol)
daemon.
This update fixes the following bugs:
- Prior to this update, the configuration file specified the wrong default log
file. As a consequence, the logrotate script could not find, and therefore could
not rotate, the vsftpd log file, which resulted in an unnecessarily large vsftpd
log. This update specifies /var/log/xferlog as its default log file in
/etc/vsftpd/vsftpd.conf, which enables log rotation on vsftpd log files.
(BZ#701300)
- Prior to this update, the RLIMIT_AS value (100 MB) was insufficient. As a
consequence, LDAP could not use vsftpd for authentication to the system. This
update increases the initial RLIMIT_AS value to 200 MB, and vsftpd now can be
used for LDAP authentication as expected. (BZ#708657)
- Prior to this update, vsftpd did not handle file transfer failures correctly
if the ftp-data port was blocked on the File Transfer Protocol (FTP) client. As
a consequence, vsftpd could become unresponsive. This update modifies the
underlying code so that the vsftp daemon reports such failures to the FTP client
and the data transfer is now terminated as expected. (BZ#717411)
- Prior to this update, the man page of the vsftpd.conf file contained incorrect
default values for "max_per_ip" and "max_clients" options. This update
introduces the correct default values for these two options. (BZ#745133)
- Prior to this update, the DNS reverse lookup feature could not be disabled.
This update adds the "reverse_lookup_enable" parameter, which allows the DNS
reverse lookup functionality to be enabled or disabled. (BZ#752954)
- Prior to this update, vsftpd also listed the CHMOD command when the
"chmod_enable" option was disabled. This update modifies the help file so that
vsftpd no longer lists the CHMOD command when the command is disabled.
(BZ#765757)
- Prior to this update, listing files could cause an overflow error if a
directory contained files with a User or Group ID that was higher than the
maximum value 2147483647 of the "signed int" data type. As a consequence, the
FTP connection was terminated. This update modifies vsftpd to support UIDs and
GIDs above the maximum value of the "unsigned int" data type. Directory content
is now listed as expected in the scenario described. (BZ#785061)
- Prior to this update, the ls command did not support square brackets as
wildcard characters in FTP connections. This update improves wildcard characters
support in vsftpd and square brackets can now be used in regular expressions
with the ls command. (BZ#785084)
- Prior to this update, the "listen()" function in vsftpd could, under certain
circumstances, fail under heavy load. As a consequence, the socket became
blocked. This update closes failed sockets and creates a new socket to continue
listening. (BZ#785642)
All users of vsftpd are advised to upgrade to these updated packages, which fix
these bugs.
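The log rotation problem in BZ#701300 comes down to vsftpd writing to a path that logrotate has no stanza for. The following check is an added example, not Red Hat's or the vsftpd project's code; it assumes the transfer log destination is set by `xferlog_file`, that logrotate stanzas use literal paths, and it runs against constructed sample files rather than a live system.

```shell
#!/bin/sh
# Added example (not Red Hat's code): verify that the transfer log vsftpd
# is configured to write is one that logrotate rotates (cf. BZ#701300).

# conf_get KEY FILE: last uncommented KEY=value in a vsftpd.conf-style file.
# vsftpd.conf allows no spaces around "=", so a plain prefix match suffices.
conf_get() {
    sed -n "s/^$1=//p" "$2" | tail -n 1
}

# rotated_paths FILE: literal paths that open a logrotate stanza (lines that
# start with "/" in column 0). Assumption: no glob patterns are in use.
rotated_paths() {
    awk '/^\// { for (i = 1; i <= NF; i++) {
                     if ($i == "{") break
                     sub(/[{]$/, "", $i); print $i } }' "$1"
}

# check_rotation VSFTPD_CONF LOGROTATE_CONF: returns 0 if rotated, 1 if not.
check_rotation() {
    log=$(conf_get xferlog_file "$1")
    # Key unset: fall back to the default the advisory names.
    [ -n "$log" ] || log=/var/log/xferlog
    if rotated_paths "$2" | grep -Fqx -- "$log"; then
        echo "OK: $log is rotated"; return 0
    fi
    echo "WARN: $log is written by vsftpd but not rotated"; return 1
}

# Constructed sample files (not taken from a real system).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf '%s\n' '/var/log/xferlog {' '    missingok' '    notifempty' '}' \
    > "$tmp/logrotate"
printf '%s\n' '# xferlog_file=/var/log/vsftpd.log' 'xferlog_enable=YES' \
    > "$tmp/default.conf"
printf '%s\n' 'xferlog_enable=YES' 'xferlog_file=/var/log/ftp-transfers.log' \
    > "$tmp/custom.conf"

check_rotation "$tmp/default.conf" "$tmp/logrotate" || true
check_rotation "$tmp/custom.conf"  "$tmp/logrotate" || true
```

On a real host, pass the vsftpd configuration file and the logrotate file that covers vsftpd as the two arguments to `check_rotation`.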
Solution
Before applying this update, make sure all previously-released errata relevant
to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x
Fixes
- BZ - 708657 - Update to rhel 6.1 broke vsftpd authentication when using ldap
- BZ - 785084 - vsftpd can not handle square brackets in ls
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
x86_64 | |
vsftpd-2.2.2-11.el6.x86_64.rpm | SHA-256: c123fb5f781c43d2275fd4583792eeb793fac7cc27949a8e9b8902bc35f801a8 |
vsftpd-debuginfo-2.2.2-11.el6.x86_64.rpm | SHA-256: b338c06b7ff18c6de8ae06ab0e02ec931653a997267896f623fdbde1812e80e9 |
i386 | |
vsftpd-2.2.2-11.el6.i686.rpm | SHA-256: 6a32003b99c00219a15c779f3abdc7d55d104c83dffe695a8d2c225f0974c6c6 |
vsftpd-debuginfo-2.2.2-11.el6.i686.rpm | SHA-256: b87716f9c889c8bab25f91633b25ac34024147ac726e2882ca55baa143c3c8fc |
Red Hat Enterprise Linux Server from RHUI 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
x86_64 | |
vsftpd-2.2.2-11.el6.x86_64.rpm | SHA-256: c123fb5f781c43d2275fd4583792eeb793fac7cc27949a8e9b8902bc35f801a8 |
vsftpd-debuginfo-2.2.2-11.el6.x86_64.rpm | SHA-256: b338c06b7ff18c6de8ae06ab0e02ec931653a997267896f623fdbde1812e80e9 |
i386 | |
vsftpd-2.2.2-11.el6.i686.rpm | SHA-256: 6a32003b99c00219a15c779f3abdc7d55d104c83dffe695a8d2c225f0974c6c6 |
vsftpd-debuginfo-2.2.2-11.el6.i686.rpm | SHA-256: b87716f9c889c8bab25f91633b25ac34024147ac726e2882ca55baa143c3c8fc |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
x86_64 | |
vsftpd-2.2.2-11.el6.x86_64.rpm | SHA-256: c123fb5f781c43d2275fd4583792eeb793fac7cc27949a8e9b8902bc35f801a8 |
vsftpd-debuginfo-2.2.2-11.el6.x86_64.rpm | SHA-256: b338c06b7ff18c6de8ae06ab0e02ec931653a997267896f623fdbde1812e80e9 |
i386 | |
vsftpd-2.2.2-11.el6.i686.rpm | SHA-256: 6a32003b99c00219a15c779f3abdc7d55d104c83dffe695a8d2c225f0974c6c6 |
vsftpd-debuginfo-2.2.2-11.el6.i686.rpm | SHA-256: b87716f9c889c8bab25f91633b25ac34024147ac726e2882ca55baa143c3c8fc |
Red Hat Enterprise Linux Workstation 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
x86_64 | |
vsftpd-2.2.2-11.el6.x86_64.rpm | SHA-256: c123fb5f781c43d2275fd4583792eeb793fac7cc27949a8e9b8902bc35f801a8 |
vsftpd-debuginfo-2.2.2-11.el6.x86_64.rpm | SHA-256: b338c06b7ff18c6de8ae06ab0e02ec931653a997267896f623fdbde1812e80e9 |
i386 | |
vsftpd-2.2.2-11.el6.i686.rpm | SHA-256: 6a32003b99c00219a15c779f3abdc7d55d104c83dffe695a8d2c225f0974c6c6 |
vsftpd-debuginfo-2.2.2-11.el6.i686.rpm | SHA-256: b87716f9c889c8bab25f91633b25ac34024147ac726e2882ca55baa143c3c8fc |
Red Hat Enterprise Linux for IBM z Systems 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
s390x | |
vsftpd-2.2.2-11.el6.s390x.rpm | SHA-256: bb22dbf883e2c2a2a79ff54334f4479b5cdae5c3dd0113f0b0fc8637357f7471 |
vsftpd-debuginfo-2.2.2-11.el6.s390x.rpm | SHA-256: 2322136f1fdabd5a6cf0f6f268ff2147726510e07ba01dad2a86f0acdd414797 |
Red Hat Enterprise Linux for Power, big endian 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
ppc64 | |
vsftpd-2.2.2-11.el6.ppc64.rpm | SHA-256: db2c02e33511cdd10ba7aeb789205835ba1b66f5560565f506730756b9e968b0 |
vsftpd-debuginfo-2.2.2-11.el6.ppc64.rpm | SHA-256: 2d6a259a272f1dc5ddaec19d0bb06bbb4393b565e898ee4120eb2e48cbd673e4 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
s390x | |
vsftpd-2.2.2-11.el6.s390x.rpm | SHA-256: bb22dbf883e2c2a2a79ff54334f4479b5cdae5c3dd0113f0b0fc8637357f7471 |
vsftpd-debuginfo-2.2.2-11.el6.s390x.rpm | SHA-256: 2322136f1fdabd5a6cf0f6f268ff2147726510e07ba01dad2a86f0acdd414797 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
x86_64 | |
vsftpd-2.2.2-11.el6.x86_64.rpm | SHA-256: c123fb5f781c43d2275fd4583792eeb793fac7cc27949a8e9b8902bc35f801a8 |
vsftpd-debuginfo-2.2.2-11.el6.x86_64.rpm | SHA-256: b338c06b7ff18c6de8ae06ab0e02ec931653a997267896f623fdbde1812e80e9 |
i386 | |
vsftpd-2.2.2-11.el6.i686.rpm | SHA-256: 6a32003b99c00219a15c779f3abdc7d55d104c83dffe695a8d2c225f0974c6c6 |
vsftpd-debuginfo-2.2.2-11.el6.i686.rpm | SHA-256: b87716f9c889c8bab25f91633b25ac34024147ac726e2882ca55baa143c3c8fc |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6
SRPM | |
---|---|
vsftpd-2.2.2-11.el6.src.rpm | SHA-256: 53f0246ae6148967daf7219bb11b88ff9e37a23b5791664b6d6d23a51c2d1ec2 |
s390x | |
vsftpd-2.2.2-11.el6.s390x.rpm | SHA-256: bb22dbf883e2c2a2a79ff54334f4479b5cdae5c3dd0113f0b0fc8637357f7471 |
vsftpd-debuginfo-2.2.2-11.el6.s390x.rpm | SHA-256: 2322136f1fdabd5a6cf0f6f268ff2147726510e07ba01dad2a86f0acdd414797 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.