openwrt-packages-dist

46 MiB

Author	SHA1	Message	Date
Hannu Nyman	f1b60bac41	vsftpd: update to 3.0.3 Update vsftpd to 3.0.3 released in July 2015. Changelog: https://security.appspot.com/vsftpd/Changelog.txt Release blog: http://scarybeastsecurity.blogspot.fi/2015/07/vsftpd-303-released-and-horrors-of-ftp.html - Increase VSFTP_AS_LIMIT to 200MB; various reports. - Make the PWD response more RFC compliant; report from Barry Kelly <barry@modeltwozero.com>. - Remove the trailing period from EPSV response to work around BT Internet issues; report from Tim Bishop <tdb@mirrorservice.org>. - Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil <mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now. - Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I probably have a different distro / libc / etc. and there are multiple reports. - Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle this case gracefully. Report from Vasily Averin <vvs@odin.com>. - List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default. - Make some compile-time SSL defaults (such as correct client shutdown handling) stricter. - Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms delays. From Tim Kosse <tim.kosse@filezilla-project.org>. - Kill the FTP session if we see HTTP protocol commands, to avoid cross-protocol attacks. A report from Jann Horn <jann@thejh.net>. - Kill the FTP session if we see session re-use failure. A report from Tim Kosse <tim.kosse@filezilla-project.org>. (vsftpd-3.0.3pre1) - Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>. - Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384. - Minor SSL logging improvements. - Un-default tunable_strict_ssl_write_shutdown again. We still have tunable_strict_ssl_read_eof defaulted now, which is the important one to prove upload integrity. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>	9 years ago
Cezary Jackiewicz	62fff58380	[packages] vsftpd: CVE-2015-1419 Unspecified vulnerability in vsftp 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to deny_file parsing.	9 years ago
Hannu Nyman	bc7c3799d4	vsftpd: fix musl compatibility Make vsftpd to compile with musl, while preserving uclibc compatibility. When using musl: * disable UTMPX functionality * disable -lnsl option in upstream Makefile Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>	9 years ago
Hannu Nyman	aff2e9e764	vsftpd: import from oldpackages. No changes.	10 years ago

4 Commits (4d0d9ac3f9640aa082a207cb779e0018ec3013fb)