Recommended update for vsftpd
| Announcement ID: | SUSE-RU-2017:1319-1 |
| Rating: | low |
| References: | #1012814 #1024961 |
| Affected Products: |
An update that has two recommended fixes can now be installed.
Description:
This update for vsftpd provides the following fix:
- Fix interoperability with ftp clients when vsftpd is configured with
option "use_localtime=YES" (bsc#1024961)
- Enable ECDH based perfect forward secrecy in the SSL mode and use the
"DEFAULT" openssl cipher list as default instead of 3DES.
This update also provides a new vsftpd-openssl1 package in the SECURITY
Module, to offer TLS 1.2 support, which can be installed additionaly.
If you are using vsftpd started from sysvinit, the sysvinit init script
will select the TLS 1.2 version automatically when the package is
installed.
If you are using vsftpd started from the XINETD service file, please
change the "server" value in the /etc/xinetd.d/vsftpd file from
/usr/sbin/vsftpd to /opt/suse/sbin/vsftpd.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-vsftpd-13108=1 - SUSE Linux Enterprise Server 11-SECURITY:
zypper in -t patch secsp3-vsftpd-13108=1 - SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-vsftpd-13108=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
- vsftpd-2.0.7-4.43.1
- SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64):
- vsftpd-openssl1-2.0.7-4.43.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
- vsftpd-debuginfo-2.0.7-4.43.1
- vsftpd-debugsource-2.0.7-4.43.1