diff --git a/vsftpd-3.0.3-address_space_limit.patch b/vsftpd-3.0.3-address_space_limit.patch index 6eeaead..0caf698 100644 --- a/vsftpd-3.0.3-address_space_limit.patch +++ b/vsftpd-3.0.3-address_space_limit.patch @@ -1,8 +1,8 @@ -Index: vsftpd-3.0.3/main.c +Index: vsftpd-3.0.2/main.c =================================================================== ---- vsftpd-3.0.3.orig/main.c -+++ vsftpd-3.0.3/main.c -@@ -317,7 +317,7 @@ env_init(void) +--- vsftpd-3.0.2.orig/main.c 2018-06-28 15:45:11.373254606 +0000 ++++ vsftpd-3.0.2/main.c 2018-06-28 15:45:16.700973780 +0000 +@@ -320,7 +320,7 @@ env_init(void) static void limits_init(void) { @@ -11,10 +11,10 @@ Index: vsftpd-3.0.3/main.c if (tunable_text_userdb_names) { /* Turns out, LDAP lookups for lots of userid -> name mappings can really -Index: vsftpd-3.0.3/parseconf.c +Index: vsftpd-3.0.2/parseconf.c =================================================================== ---- vsftpd-3.0.3.orig/parseconf.c -+++ vsftpd-3.0.3/parseconf.c +--- vsftpd-3.0.2.orig/parseconf.c 2018-06-28 15:45:11.373254606 +0000 ++++ vsftpd-3.0.2/parseconf.c 2018-06-28 15:45:16.700973780 +0000 @@ -138,6 +138,7 @@ parseconf_uint_array[] = { "delay_successful_login", &tunable_delay_successful_login }, { "max_login_fails", &tunable_max_login_fails }, @@ -23,10 +23,10 @@ Index: vsftpd-3.0.3/parseconf.c { 0, 0 } }; -Index: vsftpd-3.0.3/tunables.c +Index: vsftpd-3.0.2/tunables.c =================================================================== ---- vsftpd-3.0.3.orig/tunables.c -+++ vsftpd-3.0.3/tunables.c +--- vsftpd-3.0.2.orig/tunables.c 2018-06-28 15:45:11.373254606 +0000 ++++ vsftpd-3.0.2/tunables.c 2018-06-28 15:45:16.700973780 +0000 @@ -110,6 +110,7 @@ unsigned int tunable_delay_failed_login; unsigned int tunable_delay_successful_login; unsigned int tunable_max_login_fails; @@ -43,10 +43,10 @@ Index: vsftpd-3.0.3/tunables.c install_str_setting("/usr/share/empty", &tunable_secure_chroot_dir); install_str_setting("ftp", &tunable_ftp_username); -Index: vsftpd-3.0.3/tunables.h +Index: vsftpd-3.0.2/tunables.h =================================================================== ---- vsftpd-3.0.3.orig/tunables.h -+++ vsftpd-3.0.3/tunables.h +--- vsftpd-3.0.2.orig/tunables.h 2018-06-28 15:45:11.373254606 +0000 ++++ vsftpd-3.0.2/tunables.h 2018-06-28 15:45:16.700973780 +0000 @@ -112,6 +112,7 @@ extern unsigned int tunable_delay_failed extern unsigned int tunable_delay_successful_login; extern unsigned int tunable_max_login_fails; @@ -55,3 +55,27 @@ Index: vsftpd-3.0.3/tunables.h /* String defines */ extern const char* tunable_secure_chroot_dir; +Index: vsftpd-3.0.2/vsftpd.conf.5 +=================================================================== +--- vsftpd-3.0.2.orig/vsftpd.conf.5 2018-06-28 15:45:06.882648441 +0000 ++++ vsftpd-3.0.2/vsftpd.conf.5 2018-06-28 15:55:42.806639732 +0000 +@@ -639,6 +639,19 @@ The timeout, in seconds, for a remote cl + a PASV style data connection. + + Default: 60 ++ ++.TP ++.B address_space_limit ++Set the amount of memory vsftpd can use (in bytes). This limit exists so that ++attackers cannot exploit any potential bugs in the server that might result in ++vsftpd allocating huge amounts of memory that would affect the host system ++negatively, e.g. causing thrashing or killing random processes due to Linux's ++OOM system. If the value is configured too low, vsftpd will fail with "out of ++memory" errors during normal operations. Oftentimes, this occurs inside of the ++PAM stack on systems that have many memory-intensive PAM modules enabled. ++ ++Default: 104857600 (100MB) ++ + .TP + .B anon_max_rate + The maximum data transfer rate permitted, in bytes per second, for anonymous diff --git a/vsftpd.changes b/vsftpd.changes index 855cfc7..e985217 100644 --- a/vsftpd.changes +++ b/vsftpd.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Thu Jun 28 15:57:13 UTC 2018 - psimons@suse.com + +- Extend "vsftpd-3.0.3-address_space_limit.patch" to mention the + new 'address_space_limit' option in the installed vsftpd.conf(5) + man page. [bsc#1075060] + ------------------------------------------------------------------- Thu Jun 21 11:06:33 UTC 2018 - psimons@suse.com