Red Hat Bugzilla – Bug 811193
vsftpd-3.0.0 is available
Last modified: 2014-11-09 17:35:41 EST
Latest upstream release: 3.0.0
Current version in Fedora Rawhide: 2.3.5
Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
vsftpd-3.0.0 is released - with a new highly restrictive seccomp filter sandbox. It activates automatically on 64-bit bit binaries on Ubuntu 12.04+. In addition, there's a fix for passive mode connections under high loads and a few timeout fixes, particularly if you're using SSL.
- Update vsf_findlibs.sh to work on Ubuntu 11.10+
- Make listen mode the default.
- Add -Werror to build flags.
- Fix missing "const" in ssl.c
- Add seccompsandbox.c to support a seccomp filter sandbox; works against Ubuntu
- Rearrange ftppolicy.c a bit so the syscall list is easily comparable with
- Rename deprecated "sandbox" to "ptrace_sandbox".
- Add a few more state checks to the privileged helper processes.
- Add tunable "seccomp_sandbox", default on.
- Use hardened build flags. Distros of course override these and provide their
own build flags but no harm in showing how it could be done.
- Retry creating a PASV socket upon port reuse race between bind() and listen(),
patch from Ralph Wuerthner <email@example.com>.
- Don't die() if recv() indicates a closed remote connection. Problem report
on a Windows client from Herbert van den Bergh,
- Add new config setting "allow_writeable_chroot" to help people in a bit of
a spot with the v2.3.5 defensive change. Only applies to non-anonymous.
- Remove a couple of fixed things from BUGS.
- strlen() trunction fix -- no particular impact.
- Apply some tidyups from firstname.lastname@example.org.
- Fix delete_failed_uploads if there is a timeout. Report from Alejandro
Hernández Hdez <email@example.com>.
- Fix other data channel bugs such as failure to log failure upon timeout.
- Use exit codes a bit more consistently.
- Fix bad interaction between SSL and trans_chunk_size.
- Redo data timeout to fire properly for SSL sessions.
- Redo idle timeout to fire properly for SSL sessions.
- Make sure PROT_EXEC isn't allowed, thanks to Will Drewry for noticing.
- Use 10 minutes as a max linger time just in case an alarm gets lost.
- Change PR_SET_NO_NEW_PRIVS define, from Kees Cook.
- Add AES128-SHA to default SSL cipher suites for FileZilla compatibility.
Unfortunately the default vsftpd SSL confiuration still doesn't fully work
with FileZilla, because FileZilla has a data connection security problem:
no client certificate presentation and no session reuse. At least the error
message is now very clear.
- Add restart_syscall to seccomp policy. Triggers reliably if you strace whilst
a data transfer is in progress.
- Fix delete_failed_uploads for anonymous sessions.
- Don't listen for urgent data if the control connection is SSL, due to possible
protocol synchronization issues.