Issued:

2009-12-11

Updated:

2009-12-11

RHBA-2009:1664 - vsftpd bug fix update

Synopsis

vsftpd bug fix update

Type/Severity

Bug Fix Advisory (none)

Topic

An updated vsftpd package that fixes a bug is now available.

Description

The vsftpd package includes a Very Secure FTP (File Transfer Protocol) daemon.

This updated vsftpd package fixes the following bug:

• certain vsftpd commands such as "ls" accept wildcard (globbing) characters, which allows matching multiple files with a single command. However, these commands did not "expand" any wildcard characters beyond the first one in any given string, which could have caused a failure to match certain files. With this update, vsftpd's commands which accept wildcards now expand all such characters fully, thus enabling them to match file names as expected. (BZ#544278)

All users of vsftpd are advised to upgrade to this updated package, which resolves this issue.

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Updated Packages

• vsftpd-2.0.5-16.el5_4.1.s390x.rpm
• vsftpd-2.0.5-16.el5_4.1.ppc.rpm
• vsftpd-2.0.5-16.el5_4.1.x86_64.rpm
• vsftpd-2.0.5-16.el5_4.1.src.rpm
• vsftpd-2.0.5-16.el5_4.1.i386.rpm
• vsftpd-2.0.5-16.el5_4.1.ia64.rpm

Fixes

• This content is not included.BZ - 544278

CVEs

(none)

References

(none)

Additional information

• The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
• Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.