SUSE-RU-2017:2563-1: moderate: Recommended update for vsftpd

sle-updates at lists.suse.com sle-updates at lists.suse.com
Mon Sep 25 13:08:17 MDT 2017


   SUSE Recommended Update: Recommended update for vsftpd
______________________________________________________________________________

Announcement ID:    SUSE-RU-2017:2563-1
Rating:             moderate
References:         #1042137 #1044292 #1048427 #1052900 
Affected Products:
                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Server 12-SP2
______________________________________________________________________________

   An update that has four recommended fixes can now be
   installed.

Description:

   This update for vsftpd provides the following fixes:

   - Fix a bug in vsftpd that would cause SSL protocol errors, aborting the
     connection, whenever system errors occurred that were supposed to be
     non-fatal. (bsc#1044292)
   - Fix a seccomp failure that happens in FIPS mode when SSL is enabled.
     (bsc#1052900)
   - Allow the FTP server to append to a file system pipe. (bsc#1048427)
   - Create a new configuration option "address_space_limit", which
     determines the memory limit vsftpd configures for its own process (given
     in bytes). The previously hard-coded limit (100 MB) may not be
     sufficient for vsftpd servers running with certain PAM modules enabled,
     and in such cases administrators may wish to raise the limit to match
     their system's requirements. (bsc#1042137)


Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

      zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1588=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1588=1

   - SUSE Linux Enterprise Server 12-SP2:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1588=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

      vsftpd-3.0.2-40.3.1
      vsftpd-debuginfo-3.0.2-40.3.1
      vsftpd-debugsource-3.0.2-40.3.1

   - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

      vsftpd-3.0.2-40.3.1
      vsftpd-debuginfo-3.0.2-40.3.1
      vsftpd-debugsource-3.0.2-40.3.1

   - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):

      vsftpd-3.0.2-40.3.1
      vsftpd-debuginfo-3.0.2-40.3.1
      vsftpd-debugsource-3.0.2-40.3.1


References:

   https://bugzilla.suse.com/1042137
   https://bugzilla.suse.com/1044292
   https://bugzilla.suse.com/1048427
   https://bugzilla.suse.com/1052900



More information about the sle-updates mailing list