rpm/vsftpd
SHA256
1
0
Fork 0
forked from pool/vsftpd
Code Pull Requests Activity

bsc#1200075

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=175
This commit is contained in:
Peter Simons 2023-06-19 06:30:36 +00:00 committed by Git OBS Bridge
parent dbac437174
commit 7d36368178
3 changed files with 39 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
0001-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch Normal file
View File

@ -0,0 +1,29 @@
From 9cba9e81aa96e1d64ae2eaaf88330e09dadfce79 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Fri, 5 Jan 2018 09:40:09 +0100
Subject: [PATCH 01/27] Fix default value of strict_ssl_read_eof in man page
---
vsftpd.conf.5 | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
index a5abeb2..43b0435 100644
--- a/vsftpd.conf.5
+++ b/vsftpd.conf.5
@@ -574,10 +574,9 @@ Default: YES
.B strict_ssl_read_eof
If enabled, SSL data uploads are required to terminate via SSL, not an
EOF on the socket. This option is required to be sure that an attacker did
-not terminate an upload prematurely with a faked TCP FIN. Unfortunately, it
-is not enabled by default because so few clients get it right. (New in v2.0.7).
+not terminate an upload prematurely with a faked TCP FIN. (New in v2.0.7).
-Default: NO
+Default: YES
.TP
.B strict_ssl_write_shutdown
If enabled, SSL data downloads are required to terminate via SSL, not an
--
2.40.1

11
vsftpd.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Mon Jun 19 06:25:26 UTC 2023 - Peter Simons <psimons@suse.com>
- Apply "0001-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch"
to fix the documentation of the strict_ssl_read_eof option. The
documentation says option would be disabled by default, but it is
in fact enabled. [bsc#1200075]
-------------------------------------------------------------------
Tue Jan 3 16:12:32 UTC 2023 - David Anes <david.anes@suse.com>
@ -1304,6 +1312,3 @@ Tue Nov 13 13:30:42 CET 2001 - mmj@suse.de
Mon Oct 22 15:57:40 CEST 2001 - mmj@suse.de
- Initial package
-------------------------------------------------------------------
Mon Oct 22 15:57:40 CEST 2001 -

3
vsftpd.spec
View File

@ -97,6 +97,7 @@ Patch42: use-system-wide-tls-cipher-policy.patch
Patch43: vsftpd-allow-dev-log-socket.patch
Patch44: vsftpd-enable-sendto-for-prelogin-syslog.patch
Patch45: disable-tls13-to-support-older-openssl-versions.patch
Patch46: 0001-Fix-default-value-of-strict_ssl_read_eof-in-man-page.patch
BuildRequires: libcap-devel
%if 0%{?suse_version} == 1315
BuildRequires: libopenssl-1_1-devel >= 1.1.1
@ -180,10 +181,10 @@ tests.
%patch42 -p1
%patch43 -p1
%patch44 -p1
%if 0%{?sle_version} == 150000
%patch45 -p1
%endif
%patch46 -p1
%build
%define seccomp_opts -D_GNU_SOURCE -DUSE_SECCOMP