Skip to navigation

Bug Fix Advisory ftp bug fix update

Advisory: RHBA-2011:1480-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2012-02-20
Last updated on: 2012-02-20
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

An updated ftp package that fixes various bugs is now available for Red Hat
Enterprise Linux 5.

The ftp package provides the standard UNIX command line File Transfer Protocol
(FTP) client. FTP is a widely used protocol for transferring files over the
Internet, and for archiving files.

This updated ftp package includes fixes for the following bugs:

* Prior to this update, the value of "cout" was not checked before calling
fclose(cout). As a consequence a segmentation fault could occur if the value of
"cout" was NULL. With this update the code is improved to check that the value
of "cout" is not NULL before calling fclose(cout). As a result a segmentation
fault will no longer occur in the scenario described. (BZ#694757)

* Prior to this update, the "append", "put" and "send" commands caused memory
leaks. Consequently unnecessary residual memory was consumed. With this update,
the code has been improved to free unused memory and the memory leaks no longer
occur. (BZ#735840)

* Prior to this update, the ftp client did not support selecting an active mode
connection from the command line using an option. As a consequence interactive
mode had to be used and therefore it was not possible for scripts to invoke ftp
in active mode. With this update a command line option, "-A", has been added and
as a result active mode can be invoked using scripts. (BZ#531095)

All users of ftp are advised to upgrade to this updated package, which fixes
these bugs.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
ftp-0.17-37.el5.src.rpm
File outdated by:  RHEA-2013:0102
    MD5: 9410c605c8c5ccab75227d6a1789a4c8
SHA-256: c5b1662fc112637b729c8bbf029036ca5640fdefd0a7b52a82d3bd2f37adfa81
 
IA-32:
ftp-0.17-37.el5.i386.rpm
File outdated by:  RHEA-2013:0102
    MD5: b063146b759162538206375fba75679d
SHA-256: 2c813b03aad7f668ecfe7bc38b8c56e46ebc71c51061300ab8dd4a8fbde0ca64
 
IA-64:
ftp-0.17-37.el5.ia64.rpm
File outdated by:  RHEA-2013:0102
    MD5: 7deca011e979e7c63e536fa45c3bd4f9
SHA-256: a839a7e9dd05c0aa71517e1b1b4c17b6b1ff87d763430d89517fb6348ec3bcca
 
PPC:
ftp-0.17-37.el5.ppc.rpm
File outdated by:  RHEA-2013:0102
    MD5: 0806f38ee75edfa975ae91247f5860b8
SHA-256: 48ffc60d83b6d6ee6b2c48bb329f54a4c25b9d90cd7c0c6651bb843ce6cda56b
 
s390x:
ftp-0.17-37.el5.s390x.rpm
File outdated by:  RHEA-2013:0102
    MD5: 4588c918e856ec93e8cf25545a08b2c1
SHA-256: 31ec2fb9ee89890b704ccd59aa89b5ad71fc256b7b05ee2f568b3b2c51e2a0a9
 
x86_64:
ftp-0.17-37.el5.x86_64.rpm
File outdated by:  RHEA-2013:0102
    MD5: ae0d813ea6d99b4fcfeb3407ab605cca
SHA-256: eefed291c1b1325424dd456cea246646947bfe176eed887ce9a0a3562de2f38d
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
ftp-0.17-37.el5.src.rpm
File outdated by:  RHEA-2013:0102
    MD5: 9410c605c8c5ccab75227d6a1789a4c8
SHA-256: c5b1662fc112637b729c8bbf029036ca5640fdefd0a7b52a82d3bd2f37adfa81
 
IA-32:
ftp-0.17-37.el5.i386.rpm
File outdated by:  RHEA-2013:0102
    MD5: b063146b759162538206375fba75679d
SHA-256: 2c813b03aad7f668ecfe7bc38b8c56e46ebc71c51061300ab8dd4a8fbde0ca64
 
x86_64:
ftp-0.17-37.el5.x86_64.rpm
File outdated by:  RHEA-2013:0102
    MD5: ae0d813ea6d99b4fcfeb3407ab605cca
SHA-256: eefed291c1b1325424dd456cea246646947bfe176eed887ce9a0a3562de2f38d
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

531095 - ftp client does not support active mode from command line invocation


Keywords

ftp


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/