SHA256
1
0
forked from pool/vsftpd
Commit Graph

105 Commits

Author SHA256 Message Date
Dominique Leuenberger
04dcd130a7 Accepting request 334376 from network
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/334376
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=53
2015-10-14 14:38:04 +00:00
Tomáš Chvátal
44ffe22ac1 - Clean-up the init.d support to be bit more readable and add missing dep
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=92
2015-09-21 11:35:52 +00:00
Tomáš Chvátal
71ffe127d6 Accepting request 332591 from home:worldcitizen:branches:network
Brought back additional systemv support so it also builds for SLES 10 and 11

OBS-URL: https://build.opensuse.org/request/show/332591
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=91
2015-09-21 11:27:21 +00:00
Stephan Kulow
e15069f3f5 Accepting request 329655 from network
- Version bump to 3.0.3:
  * Increase VSFTP_AS_LIMIT to 200MB; various reports.
  * Make the PWD response more RFC compliant; report from Barry Kelly
    <barry@modeltwozero.com>.
  * Remove the trailing period from EPSV response to work around BT Internet
    issues; report from Tim Bishop <tdb@mirrorservice.org>.
  * Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil
    <mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now.
  * Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I
    probably have a different distro / libc / etc. and there are multiple reports.
  * Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle
    this case gracefully. Report from Vasily Averin <vvs@odin.com>.
  * List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default.
  * Make some compile-time SSL defaults (such as correct client shutdown
    handling) stricter.
  * Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms
    delays. From Tim Kosse <tim.kosse@filezilla-project.org>.
  * Kill the FTP session if we see HTTP protocol commands, to avoid
    cross-protocol attacks. A report from Jann Horn <jann@thejh.net>.
  * Kill the FTP session if we see session re-use failure. A report from
    Tim Kosse <tim.kosse@filezilla-project.org>.
  * Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>.
  * Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384.
  * Minor SSL logging improvements.
  * Un-default tunable_strict_ssl_write_shutdown again. We still have
    tunable_strict_ssl_read_eof defaulted now, which is the important one to prove
    upload integrity.
- Drop patch vsftpd-allow-dev-log-socket.patch should be included
  upstream, se above bullet with mvyskocil's email

OBS-URL: https://build.opensuse.org/request/show/329655
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=52
2015-09-19 04:53:10 +00:00
Tomáš Chvátal
7cbe902ddd - Version bump to 3.0.3:
* Increase VSFTP_AS_LIMIT to 200MB; various reports.
  * Make the PWD response more RFC compliant; report from Barry Kelly
    <barry@modeltwozero.com>.
  * Remove the trailing period from EPSV response to work around BT Internet
    issues; report from Tim Bishop <tdb@mirrorservice.org>.
  * Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil
    <mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now.
  * Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I
    probably have a different distro / libc / etc. and there are multiple reports.
  * Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle
    this case gracefully. Report from Vasily Averin <vvs@odin.com>.
  * List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default.
  * Make some compile-time SSL defaults (such as correct client shutdown
    handling) stricter.
  * Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms
    delays. From Tim Kosse <tim.kosse@filezilla-project.org>.
  * Kill the FTP session if we see HTTP protocol commands, to avoid
    cross-protocol attacks. A report from Jann Horn <jann@thejh.net>.
  * Kill the FTP session if we see session re-use failure. A report from
    Tim Kosse <tim.kosse@filezilla-project.org>.
  * Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>.
  * Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384.
  * Minor SSL logging improvements.
  * Un-default tunable_strict_ssl_write_shutdown again. We still have
    tunable_strict_ssl_read_eof defaulted now, which is the important one to prove
    upload integrity.
- Drop patch vsftpd-allow-dev-log-socket.patch should be included
  upstream, se above bullet with mvyskocil's email

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=89
2015-09-08 11:05:12 +00:00
Dominique Leuenberger
5a2482fd2a Accepting request 313269 from network
- Fix logrotate script to not fail when vsftpd is not running,
  bnc#935279

OBS-URL: https://build.opensuse.org/request/show/313269
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=51
2015-07-02 20:45:27 +00:00
Tomáš Chvátal
b1b099bd31 OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=87 2015-06-23 11:59:00 +00:00
Tomáš Chvátal
00561d057d - Fix logrotate script to not fail when vsftpd is not running,
bnc#935279

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=86
2015-06-23 08:52:14 +00:00
Dominique Leuenberger
d1cb551b4c Accepting request 297784 from network
- Fix hide_file option wrt bnc#927612:
  * vsftpd-path-normalize.patch

OBS-URL: https://build.opensuse.org/request/show/297784
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=50
2015-04-21 23:13:40 +00:00
Tomáš Chvátal
e99b855311 - Fix hide_file option wrt bnc#927612:
* vsftpd-path-normalize.patch

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=84
2015-04-17 16:36:11 +00:00
Dominique Leuenberger
a51ff1a0fe Accepting request 294583 from network
- bnc#925963 stat is sometimes run on wrong path and results with
  ENOENT, ensure we sent both dir+file to filter verification:
  * vsftpd-path-normalize.patch

- Update patch bit more for sanity checks. Done by rsassu@suse.de:
  * vsftpd-path-normalize.patch

- Add back patch attempting to fix bnc#900326 bnc#915522 and
  bnc#922538:
  * vsftpd-path-normalize.patch

- Reset filter patch to match fedora, my work will be restarted
  in one-off patch to make the changes stand out. Add rest of
  RH filtering patches:
  * vsftpd-2.2.0-wildchar.patch
  * vsftpd-2.3.4-sqb.patch
  * vsftpd-2.1.0-filter.patch

- Work on the filter patch and split out the normalisation of the
  path to separate str function, currently commented out so I
  avoid huge diffing.
  * vsftpd-2.1.0-filter.patch

OBS-URL: https://build.opensuse.org/request/show/294583
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=49
2015-04-07 07:28:55 +00:00
Tomáš Chvátal
1cbf7ab3a0 ENOENT, ensure we sent both dir+file to filter verification:
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=82
2015-04-05 11:40:52 +00:00
Tomáš Chvátal
e939f108e5 OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=81 2015-04-05 10:35:19 +00:00
Tomáš Chvátal
abd20973e8 - bnc#925963 stat is sometimes run on wrong path and results with
ENOENT:
  * vsftpd-path-normalize.patch

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=80
2015-04-05 10:34:03 +00:00
Tomáš Chvátal
ef6c0131cb - Update patch bit more for sanity checks. Done by rsassu@suse.de:
* vsftpd-path-normalize.patch

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=79
2015-03-25 10:08:56 +00:00
Tomáš Chvátal
6cd1b030f0 OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=78 2015-03-25 08:45:22 +00:00
Tomáš Chvátal
915fc9626d OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=77 2015-03-23 20:59:56 +00:00
Tomáš Chvátal
fa040448aa - Add back patch attempting to fix bnc#900326 bnc#915522 and
bnc#922538:
  * vsftpd-path-normalize.patch

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=76
2015-03-23 20:22:32 +00:00
Tomáš Chvátal
8c317ca736 - Reset filter patch to match fedora, my work will be restarted
in one-off patch to make the changes stand out. Add rest of
  RH filtering patches:
  * vsftpd-2.2.0-wildchar.patch
  * vsftpd-2.3.4-sqb.patch
  * vsftpd-2.1.0-filter.patch

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=75
2015-03-23 20:10:51 +00:00
Tomáš Chvátal
c67fd3688c - Work on the filter patch and split out the normalisation of the
path to separate str function, currently commented out so I
  avoid huge diffing.
  * vsftpd-2.1.0-filter.patch

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=74
2015-03-23 19:57:06 +00:00
Dominique Leuenberger
c74dd85729 Accepting request 287539 from network
- Add service calls for other unit files too
- Udate filter patch to work as expected:
  * vsftpd-2.1.0-filter.patch

  from fedora. bnc#900326 bnc#915522 CVE-2015-1419

OBS-URL: https://build.opensuse.org/request/show/287539
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=48
2015-02-27 10:03:46 +00:00
Tomáš Chvátal
de2ebfe3ec - Udate filter patch to work as expected:
from fedora. bnc#900326 bnc#915522 CVE-2015-1419

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=72
2015-02-24 14:52:29 +00:00
Tomáš Chvátal
e1041567b4 - Add service calls for other unit files too
- WIP udate filter patch to work as expected:
  * vsftpd-2.1.0-filter.patch

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=71
2015-02-20 12:14:28 +00:00
Dominique Leuenberger
6e7def679d Accepting request 267273 from network
- Try to fix deny_file parsing to do more what is expected. Taken
  from fedora. bnc#900326
  * vsftpd-2.1.0-filter.patch

OBS-URL: https://build.opensuse.org/request/show/267273
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=47
2015-01-08 22:20:01 +00:00
Tomáš Chvátal
67c49824e6 - Try to fix deny_file parsing to do more what is expected. Taken
from fedora. bnc#900326
  * vsftpd-2.1.0-filter.patch

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=69
2015-01-02 10:33:48 +00:00
Dominique Leuenberger
faaeb4136e Accepting request 261591 from network
1

OBS-URL: https://build.opensuse.org/request/show/261591
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=46
2014-11-24 10:11:13 +00:00
Vítězslav Čížek
eaca6cd4e5 Accepting request 261557 from home:dimstar:gpg2
OBS-URL: https://build.opensuse.org/request/show/261557
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=67
2014-11-14 12:23:22 +00:00
Stephan Kulow
cf9eabb97f Accepting request 247114 from network
1

OBS-URL: https://build.opensuse.org/request/show/247114
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=45
2014-09-03 16:21:32 +00:00
473a538edc Accepting request 246751 from home:matejcik:branches:network
- force using fork() instead of clone() on s390 - fixes bnc#890469
  * vsftpd-3.0.2-s390.patch

OBS-URL: https://build.opensuse.org/request/show/246751
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=65
2014-09-01 15:38:56 +00:00
Stephan Kulow
fa0b1f8c7e Accepting request 235383 from network
- Cleanup with spec-cleaner
- Remove conditions about init files as we do not build for < 12.1
  anyway.
- Update the README.SUSE file to describe more the listen option.

- Add socket service for vsftpd to avoid the need for xinetd here.

- Add comment about listen variables for xinetd configuration.
  Fixes bnc#872221.
- Add default configuration as arg to xinetd started vsftpd.
- Updated patch:
  * vsftpd-2.0.4-xinetd.diff

OBS-URL: https://build.opensuse.org/request/show/235383
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=43
2014-05-27 10:03:19 +00:00
Tomáš Chvátal
210c375786 - Cleanup with spec-cleaner
- Remove conditions about init files as we do not build for < 12.1
  anyway.
- Update the README.SUSE file to describe more the listen option.

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=63
2014-05-26 13:22:17 +00:00
Tomáš Chvátal
9c280be826 - Add socket service for vsftpd to avoid the need for xinetd here.
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=62
2014-05-26 13:00:04 +00:00
Tomáš Chvátal
66115111e4 - Add comment about listen variables for xinetd configuration.
Fixes bnc#872221.
- Add default configuration as arg to xinetd started vsftpd.
- Updated patch:
  * vsftpd-2.0.4-xinetd.diff

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=61
2014-05-26 12:48:36 +00:00
Stephan Kulow
68185af8ed Accepting request 229628 from network
- Move the enabling of timeofday and alarm one level deeper to
  be sure it is whitelisted everytime.
  Also should possibly fix bnc#872215.
- Updated patch:
  * vsftpd-enable-gettimeofday-sec.patch

- Remove forking from service type as it hangs in endless loop.

- Fix warning about dangling symlink on rcvsftpd from rpmlint and
  remove also clean section while at it.

- Add patch to allow gettimeofday and alarm calls with seccomp
  enabled. bnc#870122
- Added patch:
  * vsftpd-enable-gettimeofday-sec.patch

- Specify that the service type is forking

- changed license to SUSE-GPL-2.0-with-openssl-exception
  * suggested by legal team

- add allow_root_squashed_chroot option to enable chroot on nsf
  mounted with squash_root option (fate#311051)
  * vsftpd-root-squashed-chroot.patch (forwarded request 229627 from scarabeus_iv)

OBS-URL: https://build.opensuse.org/request/show/229628
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=42
2014-04-11 11:42:43 +00:00
Michal Hrusecky (old before rename to _miska_)
10243a939a Accepting request 229627 from home:scarabeus_iv
- Move the enabling of timeofday and alarm one level deeper to
  be sure it is whitelisted everytime.
  Also should possibly fix bnc#872215.
- Updated patch:
  * vsftpd-enable-gettimeofday-sec.patch

- Remove forking from service type as it hangs in endless loop.

- Fix warning about dangling symlink on rcvsftpd from rpmlint and
  remove also clean section while at it.

- Add patch to allow gettimeofday and alarm calls with seccomp
  enabled. bnc#870122
- Added patch:
  * vsftpd-enable-gettimeofday-sec.patch

- Specify that the service type is forking

- changed license to SUSE-GPL-2.0-with-openssl-exception
  * suggested by legal team

- add allow_root_squashed_chroot option to enable chroot on nsf
  mounted with squash_root option (fate#311051)
  * vsftpd-root-squashed-chroot.patch

OBS-URL: https://build.opensuse.org/request/show/229627
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=59
2014-04-10 13:24:27 +00:00
Stephan Kulow
5f771a3cf6 Accepting request 183971 from network
- build with OPENSSL_NO_SSL_INTERN this hides internal struct
  members or functions that if changed in future openssl versions
  will break the ABI of the calling applications. (forwarded request 183859 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/183971
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=40
2013-07-22 12:56:49 +00:00
bf16e86507 Accepting request 183859 from home:elvigia:branches:network
- build with OPENSSL_NO_SSL_INTERN this hides internal struct
  members or functions that if changed in future openssl versions
  will break the ABI of the calling applications.

OBS-URL: https://build.opensuse.org/request/show/183859
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=57
2013-07-22 09:06:23 +00:00
Stephan Kulow
6a3abd6e08 Accepting request 162591 from network
- add vsftpd-enable-dev-log-sendto.patch (bnc#812406#c1)
  * this enabled a sendto on /dev/log socket when syslog is enabled
- provide more verbose explanation about isolate_network and seccomp_sanbox in
  config file template
- don't install init file on openSUSE 13.1+
- drop a build support for SL 10 and older

- add vsftpd-drop-newpid-from-clone.patch (bnc#786024#c38)
  * drop CLONE_NEWPID from clone to enable audit system
- add vsftpd-enable-fcntl-f_setfl.patch (bnc#812406)
  * unconditionally enable F_SETFL patch - might be safe to do (forwarded request 162590 from mvyskocil)

OBS-URL: https://build.opensuse.org/request/show/162591
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=39
2013-04-05 05:43:21 +00:00
Michal Vyskocil
4d064f5b44 Accepting request 162590 from home:mvyskocil:branches:network
- add vsftpd-enable-dev-log-sendto.patch (bnc#812406#c1)
  * this enabled a sendto on /dev/log socket when syslog is enabled
- provide more verbose explanation about isolate_network and seccomp_sanbox in
  config file template
- don't install init file on openSUSE 13.1+
- drop a build support for SL 10 and older

- add vsftpd-drop-newpid-from-clone.patch (bnc#786024#c38)
  * drop CLONE_NEWPID from clone to enable audit system
- add vsftpd-enable-fcntl-f_setfl.patch (bnc#812406)
  * unconditionally enable F_SETFL patch - might be safe to do

OBS-URL: https://build.opensuse.org/request/show/162590
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=55
2013-04-04 10:09:44 +00:00
Stephan Kulow
40abef61e5 Accepting request 157548 from network
- add isolate_network and seccomp_sandbox options to template to make them
  easier to find (bnc#786024) (forwarded request 157236 from lnussel)

OBS-URL: https://build.opensuse.org/request/show/157548
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=38
2013-03-07 06:35:30 +00:00
Ismail Dönmez
8ba24f68c9 Accepting request 157236 from home:lnussel:branches:network
- add isolate_network and seccomp_sandbox options to template to make them
  easier to find (bnc#786024)

OBS-URL: https://build.opensuse.org/request/show/157236
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=53
2013-03-06 18:42:15 +00:00
Stephan Kulow
1265a2b4ae Accepting request 156829 from network
PLEASE COPY TO 12.3!
- add vsftpd-allow-dev-log-socket.patch (bnc#786024)
  * whitelist /dev/log related socket syscall

OBS-URL: https://build.opensuse.org/request/show/156829
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=37
2013-03-01 08:06:02 +00:00
Michal Vyskocil
861f8bae8f - add vsftpd-allow-dev-log-socket.patch (bnc#786024)
* whitelist /dev/log related socket syscall

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=51
2013-02-28 13:31:50 +00:00
Stephan Kulow
0a4005396e Accepting request 145730 from network
Verify GPG signature: Perform build-time offline GPG verification.
Please verify that included keyring matches your needs.
For manipulation with the offline keyring, please use gpg-offline tool from openSUSE:Factory, devel-tools-building or Base:System.
See the man page and/or /usr/share/doc/packages/gpg-offline/PACKAGING.HOWTO.

If you need to build your package for older products and don't want to mess spec file with ifs, please follow PACKAGING.HOWTO:
you can link or aggregate gpg-offline from
devel:tools:building or use following trick with "osc meta prjconf":

--- Cut here ----
%if 0%{?suse_version} <= 1220
Substitute: gpg-offline
%endif

Macros:
%gpg_verify(dnf) \
%if 0%{?suse_version} > 1220\
echo "WARNING: Using %%gpg_verify macro from prjconf, not from gpg-offline package."\
gpg-offline --directory="%{-d:%{-d*}}%{!-d:%{_sourcedir}}" --package="%{-n:%{-n*}}%{!-n:%{name}}""%{-f: %{-f*}}" --verify %{**}\
%else\
echo "WARNING: Dummy prjconf macro. gpg-offline is not available, skipping %{**} GPG signature verification!"\
%endif\
%nil
-----------------
 (forwarded request 143938 from sbrabec)

OBS-URL: https://build.opensuse.org/request/show/145730
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=35
2012-12-19 12:42:31 +00:00
Michal Vyskocil
a423e9b8bd Accepting request 143938 from home:sbrabec:gpg-offline-verify
Verify GPG signature: Perform build-time offline GPG verification.
Please verify that included keyring matches your needs.
For manipulation with the offline keyring, please use gpg-offline tool from openSUSE:Factory, devel-tools-building or Base:System.
See the man page and/or /usr/share/doc/packages/gpg-offline/PACKAGING.HOWTO.

If you need to build your package for older products and don't want to mess spec file with ifs, please follow PACKAGING.HOWTO:
you can link or aggregate gpg-offline from
devel:tools:building or use following trick with "osc meta prjconf":

--- Cut here ----
%if 0%{?suse_version} <= 1220
Substitute: gpg-offline
%endif

Macros:
%gpg_verify(dnf) \
%if 0%{?suse_version} > 1220\
echo "WARNING: Using %%gpg_verify macro from prjconf, not from gpg-offline package."\
gpg-offline --directory="%{-d:%{-d*}}%{!-d:%{_sourcedir}}" --package="%{-n:%{-n*}}%{!-n:%{name}}""%{-f: %{-f*}}" --verify %{**}\
%else\
echo "WARNING: Dummy prjconf macro. gpg-offline is not available, skipping %{**} GPG signature verification!"\
%endif\
%nil
-----------------

OBS-URL: https://build.opensuse.org/request/show/143938
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=49
2012-12-18 10:10:02 +00:00
Stephan Kulow
7dba396ae8 Accepting request 142032 from network
- Fix useradd invocation: -o is useless without -u and newer
  versions of pwdutils/shadowutils fail on this now.

Error masked by7 || : (forwarded request 142025 from dimstar)

OBS-URL: https://build.opensuse.org/request/show/142032
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=34
2012-11-20 19:19:24 +00:00
Sascha Peilicke
5c7f501f37 Accepting request 142025 from home:dimstar:branches:network
- Fix useradd invocation: -o is useless without -u and newer
  versions of pwdutils/shadowutils fail on this now.

Error masked by7 || :

OBS-URL: https://build.opensuse.org/request/show/142025
OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=47
2012-11-20 09:46:06 +00:00
Stephan Kulow
112be97403 Accepting request 138998 from network
- update to 3.0.2 (bnc#786024) 
  * Fix some seccomp related build errors on certain CentOS and Debian versions.
  * Seccomp filter sandbox: missing munmap() -- oops. Did you know that qsort()
  opens and maps /proc/meminfo but only for larger item counts?
  * Seccomp filter sandbox: deny socket() gracefully for text_userdb_names.
  * Fix various NULL crashes with nonsensical config settings. Noted by Tianyin
  Xu <tixu@cs.ucsd.edu>.
  * Force cast to unsigned char in is* char functions.
  * Fix harmless integer issues in strlist.c.
  * Started on a (possibly ill-advised?) crusade to compile cleanly with
  Wconversion. Decided to suspend the effort half-way through.
  * One more seccomp policy fix: mremap (denied).
  * Support STOU with no filename, uses a STOU. prefix.

OBS-URL: https://build.opensuse.org/request/show/138998
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=33
2012-10-24 05:19:35 +00:00
Michal Vyskocil
cc0b3b4805 - update to 3.0.2 (bnc#786024)
* Fix some seccomp related build errors on certain CentOS and Debian versions.
  * Seccomp filter sandbox: missing munmap() -- oops. Did you know that qsort()
  opens and maps /proc/meminfo but only for larger item counts?
  * Seccomp filter sandbox: deny socket() gracefully for text_userdb_names.
  * Fix various NULL crashes with nonsensical config settings. Noted by Tianyin
  Xu <tixu@cs.ucsd.edu>.
  * Force cast to unsigned char in is* char functions.
  * Fix harmless integer issues in strlist.c.
  * Started on a (possibly ill-advised?) crusade to compile cleanly with
  Wconversion. Decided to suspend the effort half-way through.
  * One more seccomp policy fix: mremap (denied).
  * Support STOU with no filename, uses a STOU. prefix.

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=45
2012-10-22 13:40:00 +00:00
Stephan Kulow
d195e8e869 Accepting request 131864 from network
- make seccomp sandbox enabled by default
  * dropped vsftpd-3.0.0-turn-seccomp-sandbox-off.patch

OBS-URL: https://build.opensuse.org/request/show/131864
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vsftpd?expand=0&rev=32
2012-08-31 08:02:42 +00:00