Accepting request 329655 from network

- Version bump to 3.0.3: * Increase VSFTP_AS_LIMIT to 200MB; various reports. * Make the PWD response more RFC compliant; report from Barry Kelly <barry@modeltwozero.com>. * Remove the trailing period from EPSV response to work around BT Internet issues; report from Tim Bishop <tdb@mirrorservice.org>. * Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil <mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now. * Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I probably have a different distro / libc / etc. and there are multiple reports. * Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle this case gracefully. Report from Vasily Averin <vvs@odin.com>. * List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default. * Make some compile-time SSL defaults (such as correct client shutdown handling) stricter. * Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms delays. From Tim Kosse <tim.kosse@filezilla-project.org>. * Kill the FTP session if we see HTTP protocol commands, to avoid cross-protocol attacks. A report from Jann Horn <jann@thejh.net>. * Kill the FTP session if we see session re-use failure. A report from Tim Kosse <tim.kosse@filezilla-project.org>. * Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>. * Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384. * Minor SSL logging improvements. * Un-default tunable_strict_ssl_write_shutdown again. We still have tunable_strict_ssl_read_eof defaulted now, which is the important one to prove upload integrity. - Drop patch vsftpd-allow-dev-log-socket.patch should be included upstream, se above bullet with mvyskocil's email OBS-URL: https://build.opensuse.org/request/show/329655 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=52
2015-09-19 04:53:10 +00:00 · 2015-09-19 04:53:10 +00:00 · e15069f3f5
commit e15069f3f5
parent 5a2482fd2a 7cbe902ddd
7 changed files with 44 additions and 44 deletions
--- a/vsftpd-3.0.2.tar.gz
+++ b/vsftpd-3.0.2.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:be46f0e2c5528fe021fafc8dab1ecfea0c1f183063a06977f8537fcd0b195e56
 size 192808
--- a/vsftpd-3.0.2.tar.gz.asc
+++ b/vsftpd-3.0.2.tar.gz.asc
@ -1,7 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 iEYEABECAAYFAlBYSB8ACgkQqmLsRjwOdRwyzACdEOSXJgLVmiIZHZ/dFJfchX1R
 Z3cAnjkRO3++zgZuG+CQ+FJx745IlazL
 =UTJs
 -----END PGP SIGNATURE-----
--- a/vsftpd-3.0.3.tar.gz
+++ b/vsftpd-3.0.3.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7
 size 196649
--- a/vsftpd-3.0.3.tar.gz.asc
+++ b/vsftpd-3.0.3.tar.gz.asc
@ -0,0 +1,7 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 iEYEABECAAYFAlWy7z8ACgkQqmLsRjwOdRyg1QCgp6fVazIhibmgmlefKPEVBUEM
 yDMAnibP6iavxih4przbfR+Fd3LgsARM
 =G+eX
 -----END PGP SIGNATURE-----
--- a/vsftpd-allow-dev-log-socket.patch
+++ b/vsftpd-allow-dev-log-socket.patch
@ -1,30 +0,0 @@
 From: mvyskocil@suse.com
 Subject: enable /dev/log related socket call
 Linux-PAM try to open /dev/log, but as socket is not enabled in seccomp
 sandbox, daemon is killed by SIGSYS. Because the attempt is made by process
 with RLIMIT_NOFILE, the correct fix would be to test if we can open a new fd in
 pam. Anyway I would say the risc is small, and other socket syscalls are disabled.
 Fixes: https://bugzilla.novell.com/show_bug.cgi?id=786024
 Index: vsftpd-3.0.2/seccompsandbox.c
 ===================================================================
 --- vsftpd-3.0.2.orig/seccompsandbox.c
 +++ vsftpd-3.0.2/seccompsandbox.c
@@ -353,6 +353,15 @@ seccomp_sandbox_setup_prelogin(const str
   {
     allow_nr_1_arg_match(__NR_recvmsg, 3, 0);
   }
 +
 +  //this is very probably an attempt to open /dev/log
 +  //it fails because process cannot open any file, so it might be safe
 +  //socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = -1 EMFILE (Too many open files)
 +  allow_nr_3_arg_match(__NR_socket,
 +                       1, PF_FILE,
 +                       2, SOCK_DGRAM | SOCK_CLOEXEC,
 +                       3, 0);
 +
 }
 void
--- a/vsftpd.changes
+++ b/vsftpd.changes
@ -1,3 +1,36 @@
 -------------------------------------------------------------------
 Tue Sep  8 10:57:55 UTC 2015 - tchvatal@suse.com
 - Version bump to 3.0.3:
  * Increase VSFTP_AS_LIMIT to 200MB; various reports.
  * Make the PWD response more RFC compliant; report from Barry Kelly
    <barry@modeltwozero.com>.
  * Remove the trailing period from EPSV response to work around BT Internet
    issues; report from Tim Bishop <tdb@mirrorservice.org>.
  * Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil
    <mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now.
  * Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I
    probably have a different distro / libc / etc. and there are multiple reports.
  * Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle
    this case gracefully. Report from Vasily Averin <vvs@odin.com>.
  * List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default.
  * Make some compile-time SSL defaults (such as correct client shutdown
    handling) stricter.
  * Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms
    delays. From Tim Kosse <tim.kosse@filezilla-project.org>.
  * Kill the FTP session if we see HTTP protocol commands, to avoid
    cross-protocol attacks. A report from Jann Horn <jann@thejh.net>.
  * Kill the FTP session if we see session re-use failure. A report from
    Tim Kosse <tim.kosse@filezilla-project.org>.
  * Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>.
  * Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384.
  * Minor SSL logging improvements.
  * Un-default tunable_strict_ssl_write_shutdown again. We still have
    tunable_strict_ssl_read_eof defaulted now, which is the important one to prove
    upload integrity.
 - Drop patch vsftpd-allow-dev-log-socket.patch should be included
  upstream, se above bullet with mvyskocil's email
 -------------------------------------------------------------------
 Tue Jun 23 08:51:32 UTC 2015 - tchvatal@suse.com
--- a/vsftpd.spec
+++ b/vsftpd.spec
@ -17,7 +17,7 @@
 Name:           vsftpd
-Version:        3.0.2
+Version:        3.0.3
 Release:        0
 Summary:        Very Secure FTP Daemon - Written from Scratch
 License:        SUSE-GPL-2.0-with-openssl-exception
@ -44,8 +44,6 @@ Patch8:         vsftpd-2.0.5-utf8-log-names.patch
 Patch9:         vsftpd-2.3.5-conf.patch
 Patch10:        vsftpd-3.0.0_gnu_source_defines.patch
 Patch11:        vsftpd-3.0.0-optional-seccomp.patch
 #PATCH-FIX-OPENSUSE: bnc#786024
 Patch12:        vsftpd-allow-dev-log-socket.patch
 #PATCH-FIX-OPENSUSE: bnc#786024, second issue with pam_login_acct
 Patch13:        vsftpd-drop-newpid-from-clone.patch
 #PATCH-FIX-OPENSUSE: bnc#812406
@ -96,7 +94,6 @@ tests.
 %patch9
 %patch10 -p1
 %patch11 -p1
 %patch12 -p1
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1