- Issued:
- 2015-07-22
- Updated:
- 2015-07-22
RHBA-2015:1408 - vsftpd bug fix update
Synopsis
vsftpd bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated vsftpd packages that fix two bugs are now available for Red Hat Enterprise Linux 6.
Description
The vsftpd packages include a Very Secure File Transfer Protocol (FTP) daemon, which is used to serve files over a network.
This update fixes the following bugs:
-
Prior to this update, the "local_max_rate" option did not work as expected. As a consequence, the transmission speed was significantly lower. This update extends the types of variables for calculating and accumulating the amount of transferred data and postpones the start of evaluation after the tenth evaluation. (BZ#1063401)
-
Previously, vsftpd server could not handle the use of "pam_exec.so" in the "pam.d" configuration file. Consequently, the vsftpd server considered new processes created by the "pam_exe.so" module to be its own and therefore attempted to catch them. When the processes were caught by "pam_exec.so", the vsftpd server became unresponsive. A patch has been applied to fix this bug, and the vsftpd server no longer hangs in the described situation. (BZ#1092877)
Users of vsftpd are advised to upgrade to these updated packages, which fix these bugs. The vsftpd daemon must be restarted for this update to take effect.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
Updated Packages
- vsftpd-debuginfo-2.2.2-14.el6.s390x.rpm
- vsftpd-2.2.2-14.el6.x86_64.rpm
- vsftpd-2.2.2-14.el6.i686.rpm
- vsftpd-debuginfo-2.2.2-14.el6.i686.rpm
- vsftpd-debuginfo-2.2.2-14.el6.x86_64.rpm
- vsftpd-2.2.2-14.el6.ppc64.rpm
- vsftpd-2.2.2-14.el6.src.rpm
- vsftpd-debuginfo-2.2.2-14.el6.ppc64.rpm
- vsftpd-2.2.2-14.el6.s390x.rpm
Fixes
(none)
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.