Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHBA-2013:0025-01

Overview

Id RHBA-2013:0025-01
Name Red Hat 2013:0025-01 RHBA vsftpd bug fix update for RHEL 5 x86
Vendor Name red_hat
Product None
Content Type Recommended Recommended
Language(s)
Operating System(s) Linux 
Released On 07 Jan 2013 12:00:00

RHBA-2013:0025-01

Red Hat 2013:0025-01 RHBA vsftpd bug fix update for RHEL 5 x86

Vendor Name

red_hat

Product

None

Released On

07 Jan 2013 12:00:00

Url

https://rhn.redhat.com/errata/RHBA-2013-0025.html

Description

LSAC(v2)
The vsftpd packages provide the VSFTP (Very Secure File Transfer Protocol) daemon. This update fixes the following bugs: * Prior to this update, the "local_max_rate" option did not work as expected. As a consequence, the transmission speed was significantly lower. This update extends the types of variables for calculating and accumulating the amount of transferred data and postpones the start of evaluation after the tenth. (BZ#795393) * Prior to this update, the "ls" command failed to handle the wildcard character "?" correctly. This update modifies the "ls" code so that the "ls" command can now uses the wildcard character "?" as expected. (BZ#799245) * Prior to this update, the file transfer on a TLS connection failed after transferring the first files when the "ssl_request_cert" option used the default setting "YES". This update modifies the underlying code so that the file transfer completes as expected. (BZ#804078) * Prior to this update, the vsftpd daemon did not correctly handle "EADDRINUSE" errors received from a TCP port on which vsftpd was listening. As a consequence, vsftpd immediately sent an error message to an FTP client instead of retrying to use the port. This update modifies the error handling of vsftpd so that the daemon now retries the port before sending the error message to the FTP client. (BZ#809450) * Prior to this update, the vsftpd daemon failed with the message "500 OOPS: vsf_sysutil_bind" when the ports from the range configured for passive mode were occupied. This could occur when repeating the "ls" command on the empty sub-directory in the FTP client. The updated daemon is able to reuse ports from the approved range that are in the state TIME_WAIT and the described failure is no more observed. (BZ#845051) All users of vsftpd are advised to upgrade to these updated packages, which fix these bugs.

Related Resources

Related Vulnerabilities

None

Related Patches

None

Superseded Patches


Last Updated: 27 May 2016 11:16:12