diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2016-06-30 20:26:57 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 23:31:18 +0200 |
commit | d31c50870d0bee042ce660e445c9294a59a3a65b (patch) | |
tree | 6bfc0de3c95267b401b620c2c67859557dc60f97 /source/n/vsftpd | |
parent | 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (diff) | |
download | current-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.gz |
Slackware 14.2slackware-14.2
Thu Jun 30 20:26:57 UTC 2016
Slackware 14.2 x86_64 stable is released!
The long development cycle (the Linux community has lately been living in
"interesting times", as they say) is finally behind us, and we're proud to
announce the release of Slackware 14.2. The new release brings many updates
and modern tools, has switched from udev to eudev (no systemd), and adds
well over a hundred new packages to the system. Thanks to the team, the
upstream developers, the dedicated Slackware community, and everyone else
who pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Diffstat (limited to 'source/n/vsftpd')
-rw-r--r-- | source/n/vsftpd/slack-desc | 2 | ||||
-rwxr-xr-x | source/n/vsftpd/vsftpd.SlackBuild | 7 | ||||
-rw-r--r-- | source/n/vsftpd/vsftpd.conf.diff | 18 | ||||
-rw-r--r-- | source/n/vsftpd/vsftpd.crypt.diff | 20 |
4 files changed, 39 insertions, 8 deletions
diff --git a/source/n/vsftpd/slack-desc b/source/n/vsftpd/slack-desc index 82b9f521..cc4b231e 100644 --- a/source/n/vsftpd/slack-desc +++ b/source/n/vsftpd/slack-desc @@ -13,7 +13,7 @@ vsftpd: Obviously this is not a guarantee, but a reflection that the entire vsftpd: codebase was written with security in mind, and carefully designed to vsftpd: be resilient to attack (as well as extremely fast and scalable). vsftpd: -vsftpd: The vsftpd homepage is http://vsftpd.beasts.org/ +vsftpd: The vsftpd homepage is https://security.appspot.com/vsftpd.html vsftpd: vsftpd: The Very Secure FTP Daemon was written by Chris Evans. vsftpd: diff --git a/source/n/vsftpd/vsftpd.SlackBuild b/source/n/vsftpd/vsftpd.SlackBuild index 9a2e7fc8..f03206b6 100755 --- a/source/n/vsftpd/vsftpd.SlackBuild +++ b/source/n/vsftpd/vsftpd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,14 +22,14 @@ PKGNAM=vsftpd VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-3} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -62,6 +62,7 @@ find . \ zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1 zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/vsftpd.crypt.diff.gz | patch -p1 --verbose || exit 1 make $NUMJOBS || make || exit 1 diff --git a/source/n/vsftpd/vsftpd.conf.diff b/source/n/vsftpd/vsftpd.conf.diff index 1f410a7a..ac3c6ab2 100644 --- a/source/n/vsftpd/vsftpd.conf.diff +++ b/source/n/vsftpd/vsftpd.conf.diff @@ -1,6 +1,5 @@ -diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf ---- vsftpd-2.2.1.orig/vsftpd.conf 2009-10-18 21:04:23.000000000 -0500 -+++ vsftpd-2.2.1/vsftpd.conf 2009-10-19 10:22:16.609407947 -0500 +--- ./vsftpd.conf.orig 2011-12-17 12:24:40.000000000 -0600 ++++ ./vsftpd.conf 2016-04-11 18:34:26.772862375 -0500 @@ -19,7 +19,7 @@ # # Default umask for local users is 077. You may wish to change this to 022, @@ -24,7 +23,7 @@ diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf # # You may change the default value for timing out an idle session. #idle_session_timeout=600 -@@ -101,12 +101,13 @@ +@@ -104,14 +104,24 @@ # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. @@ -43,3 +42,14 @@ diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf # # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets, you must run two copies of vsftpd with two configuration files. + # Make sure, that one of the listen options is commented !! + #listen_ipv6=YES ++# ++# The seccomp sandbox feature adds an additional layer of security, but has ++# been known to cause various problems depending on the kernel version. ++# Problems may include kernel audit warnings in the system logs, or even ++# failure to get a directory listing (or do much of anything in directories ++# with enough files to trigger the issue). ++# If you see errors like "OOPS: priv_sock_get_cmd" make sure this option is ++# set to NO. We'll set it to NO by default since we want a reliable ftpd. ++seccomp_sandbox=NO diff --git a/source/n/vsftpd/vsftpd.crypt.diff b/source/n/vsftpd/vsftpd.crypt.diff new file mode 100644 index 00000000..87503d57 --- /dev/null +++ b/source/n/vsftpd/vsftpd.crypt.diff @@ -0,0 +1,20 @@ +--- ./sysdeputil.c.orig 2012-09-15 23:18:04.000000000 -0500 ++++ ./sysdeputil.c 2016-06-12 23:49:19.539253144 -0500 +@@ -285,7 +285,7 @@ + return 0; + } + p_crypted = crypt(str_getbuf(p_pass_str), p_spwd->sp_pwdp); +- if (!vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp)) ++ if (p_crypted != NULL && !vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp)) + { + return 1; + } +@@ -293,7 +293,7 @@ + } + #endif /* VSF_SYSDEP_HAVE_SHADOW */ + p_crypted = crypt(str_getbuf(p_pass_str), p_pwd->pw_passwd); +- if (!vsf_sysutil_strcmp(p_crypted, p_pwd->pw_passwd)) ++ if (p_crypted != NULL && !vsf_sysutil_strcmp(p_crypted, p_pwd->pw_passwd)) + { + return 1; + } |