Recommended update for vsftpd

Announcement ID:	SUSE-RU-2017:2563-1
Rating:	moderate
References:	bsc#1042137 bsc#1044292 bsc#1048427 bsc#1052900
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP3 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2

An update that has four fixes can now be installed.

Description:

This update for vsftpd provides the following fixes:

• Fix a bug in vsftpd that would cause SSL protocol errors, aborting the connection, whenever system errors occurred that were supposed to be non-fatal. (bsc#1044292)
• Fix a seccomp failure that happens in FIPS mode when SSL is enabled. (bsc#1052900)
• Allow the FTP server to append to a file system pipe. (bsc#1048427)
• Create a new configuration option "address_space_limit", which determines the memory limit vsftpd configures for its own process (given in bytes). The previously hard-coded limit (100 MB) may not be sufficient for vsftpd servers running with certain PAM modules enabled, and in such cases administrators may wish to raise the limit to match their system's requirements. (bsc#1042137)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1588=1
• SUSE Linux Enterprise High Performance Computing 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1588=1
• SUSE Linux Enterprise Server 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1588=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1588=1
• SUSE Linux Enterprise Server 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1588=1
• SUSE Linux Enterprise High Performance Computing 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1588=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1588=1

Package List:

• SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 (aarch64)
  • vsftpd-3.0.2-40.3.1
  • vsftpd-debuginfo-3.0.2-40.3.1
  • vsftpd-debugsource-3.0.2-40.3.1
• SUSE Linux Enterprise High Performance Computing 12 SP2 (aarch64 x86_64)
  • vsftpd-3.0.2-40.3.1
  • vsftpd-debuginfo-3.0.2-40.3.1
  • vsftpd-debugsource-3.0.2-40.3.1
• SUSE Linux Enterprise Server 12 SP2 (aarch64 ppc64le s390x x86_64)
  • vsftpd-3.0.2-40.3.1
  • vsftpd-debuginfo-3.0.2-40.3.1
  • vsftpd-debugsource-3.0.2-40.3.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
  • vsftpd-3.0.2-40.3.1
  • vsftpd-debuginfo-3.0.2-40.3.1
  • vsftpd-debugsource-3.0.2-40.3.1
• SUSE Linux Enterprise Server 12 SP3 (aarch64 ppc64le s390x x86_64)
  • vsftpd-3.0.2-40.3.1
  • vsftpd-debuginfo-3.0.2-40.3.1
  • vsftpd-debugsource-3.0.2-40.3.1
• SUSE Linux Enterprise High Performance Computing 12 SP3 (aarch64 x86_64)
  • vsftpd-3.0.2-40.3.1
  • vsftpd-debuginfo-3.0.2-40.3.1
  • vsftpd-debugsource-3.0.2-40.3.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP3 (ppc64le x86_64)
  • vsftpd-3.0.2-40.3.1
  • vsftpd-debuginfo-3.0.2-40.3.1
  • vsftpd-debugsource-3.0.2-40.3.1

References:

• https://bugzilla.suse.com/show_bug.cgi?id=1042137
• https://bugzilla.suse.com/show_bug.cgi?id=1044292
• https://bugzilla.suse.com/show_bug.cgi?id=1048427
• https://bugzilla.suse.com/show_bug.cgi?id=1052900