Group :: System/Servers
RPM: vsftpd
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
19 december 2020 Dmitry V. Levin <ldv at altlinux.org> 3.0.3-alt2
- Updated seccomp filter (closes: #27752, #35901).
- Fixed build with gcc-10.
- 3.0.2 -> 3.0.3.
- /etc/xinetd.d/vsftpd: raised rlimit_as from 100M to 200M (closes: #31925).
- Cleanup previous seccomp sandbox fixes.
- Enabled fcntl F_SETFL O_RDONLY|O_LARGEFILE in seccomp sandbox
(closes: #27752).
- Enabled gettimeofday syscall in seccomp sandbox.
- Updated to 3.0.2 (closes: #27752).
- Updated to 3.0.0.
- Build vsftpd as a PIE.
- Updated to 2.3.5.
- Added systemd support files (by Alexey Shabalin; closes: #25653).
- Updated to 2.3.4 (fixes CVE-2011-0762).
- Updated to 2.3.2.
- /etc/pam.d/vsftpd: Changed to use common-login.
- Updated to 2.2.2.
- Fixed regression in LFS support introduced in previous release
(thanks to Sergey Vlasov; closes: #22128).
- Updated to 2.2.1.
- Updated to 2.2.0.
- vsftpd.conf: Added comment about anonftp (Michael Shigorin; closes: #3560).
- Updated to 2.1.1.
- Updated to 2.1.0.
- vsftpd.conf: Added comment about chroot_local_user (closes: #13228).
- vsftpd.pamd:
+ Added pam_loginuid.so to the session stack.
+ Moved system-auth to the bottom of the auth stack.
- Updated to 2.0.7.
- Updated EXAMPLE/VIRTUAL_USERS/vsftpd.pam to something usable
(Alexey Borisenkov; closes: #18489).
- Updated to 2.0.6.
- /etc/xinetd.d/vsftpd:
Increased default virtual memory limit from 16M to 64M.
- Switched source packaging model to use .gear-tags.
- Updated to 2.0.5.
- Deal with compilation warnings generated by new gcc compiler.
- Updated to 2.0.4.
- Updated to 2.0.3.
- Rediffed patches.
- Synced with 2.0.3-owl1.
- vsftpd.conf(5): note that session_support is disabled by default.
- vsftpd.pamd: set default session management rule.
- Corrected pam config and documentation.
- Updated to 1.2.2.
- Updated to 1.2.1, see Changelog for details.
- Updated patches.
- PAM configuration policy enforcement.
- Fixed few typos in comments for default config and manpages.
- Built with libpam_userpass.so.1.
- 1.1.2:
+ Add per-IP connection limits in standalone mode.
+ Add logging of refused connect due to global or IP connection limits.
(Many thanks for testing and suggestions from Rob van Nieuwkerk
robn@verdi.et.tudelft.nl> and Adrian Reber <adrian@lisas.de>.
+ Make connection limit exceeded messages nonblocking.
+ Don't exit the listener if fork fails. - Added flow control diagram
(from Owl CanSecWest/core02 / NordU2002 presentation slides).
- 1.1.1:
+ Fix port_promiscuous, oops! Thanks to Bjørn-Ove Heimsund
<bjornoh@mi.uib.no>.
+ Fix to support umasks which create executable files. Reported by
"Martin, Andreas" <AMartin@hegau-klinikum.de>.
+ Make the messages more.. professional :( Thanks to Steven G. Taylor
<staylor@redhat.com>.
+ Allow anon users to append to files if they can delete files! Suggestion
from Michael Leuchtenburg <michael@slashhome.org>.
+ Hopefully fix Solaris build (-lresolv)
+ Replace atoll() with a homebrew - modern FreeBSD, OpenBSD lack it.
+ Different solution for a umask which creates executable files:
file_open_mode.
+ First attempt at Tru64 build, working with <Sulla17@aol.com>.
+ A few minor FAQ additions.
+ Change date format in the log from Sep 09 -> Sep 9. Avoids breaking some
broken log parsers.
+ Make "INSTALL" better and clearer.
+ Fix passwd_chroot_enable, reported by James Jones <james@richland.edu>.
+ Finish Tru64 building :-)
+ Add tunable_no_anon_password as asked for by Stephen Quinney
<stephen.quinney@computing-services.oxford.ac.uk>. - Updated URL.
- 1.1.0:
+ Use the seemingly more portable setreuid() and setregid(), poxy HP.
+ Use status 550 instead of 500 for known but disabled commands.
+ Rename "dirchange.[ch]" to "banner.[ch]".
+ Multiline connect banner support via "banner_file" config option.
+ Minor error message changes.
+ Add more FAQ entries.
+ Add patch to specify PASV address - thanks to Mike McLean <mikem@redhat.com>.
+ Drop the 2.4.0 kernel warning file
+ Rudimentary standalone listener support - to be expanded in a later release.
+ If sendfile() returns EINVAL just fall back to normal routines - handles
non-pagecache backed files.
+ Add "port_promiscuous" setting - should help enabling FXP.
+ Modify anon_root and local_root to change directory _before_ applying the
chroot().
+ Open all files O_NONBLOCK to avoid pipes blocking on open.
+ Support wu-ftpd style per-user chroot() via /./ in /etc/passwd HOMEDIR.
+ Add SIGHUP support to new built in listener.
+ Per-user config overrides, via "user_config_dir" - woohoo!
+ Warning fixes, i.e. change "index" to "indexx" thanks to Olaf Kirch <okir@suse.de>.
+ Make sure the standalone daemon doesn't leak zombies!
+ Supposedly fix kernel messages about MSG_PEEK race - thanks to advice from
Alexey <kuznet@ms2.inr.ac.ru>.
+ Add global client limit for standalone mode.
+ Add username that failed when we die with str_getpwnam.
+ Add a bunch of documentation under EXAMPLES.
+ Add large file (>2Gb) support. - Added /etc/vsftpd/banner_fail config file.
- Fixed vsftpd(8) (#0001113).
- 1.0.2pre3 (added options: use_localtime, hide_ids).
- Set hide_ids to YES.
- logrotate config: s/nocompress/delaycompress/.
- Added pam_userpass support (derived from Owl's patch).
- 1.0.1 (Nothing changed except version number).
- Fixed typo in manpage.
- Create logfile in %post script.
- 1.0.0 (added options: anon_root, local_root; updated: BENCHMARKS, README).
- Added more examples to default config file.
- Initial revision. ALT specific adaptions are:
+ all config files have been moved into /etc/vsftpd;
+ default guest, anonymous and nobody users are: vsftpd, vsftpd, novsftpd;
+ default config defines bsd-compatible passive min/max ports;
+ default secure_chroot_dir set to /var/empty;
+ xinetd config: disable = yes, rlimit_as = 16M;
+ pamd config: use pam_stack(system-auth), pam_nologin;
+ compile/link options cleanup.