lftp bug fix update
| Advisory: | RHBA-2011:1541-1 |
|---|---|
| Type: | Bug Fix Advisory |
| Severity: | N/A |
| Issued on: | 2012-02-20 |
| Last updated on: | 2012-02-20 |
| Affected Products: | Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux Desktop (v. 5 client) |
Details
An updated lftp package that fixes various bugs is now available for Red Hat
Enterprise Linux 5.
LFTP is a sophisticated file transfer program for the FTP and HTTP protocols.
Like bash, it has job control and uses the readline library for input. It has
bookmarks, built-in mirroring, and can transfer several files in parallel. It is
designed with reliability in mind.
This updated lftp package includes fixes for the following bugs:
* The GnuTLS library does not support some previously offered TLS ciphers. As a
consequence, some users experienced the error message, "Fatal error:
gnutls_handshake: A TLS fatal alert has been received", when attempting to use
SSL. With this update, it is now possible to force an SSLv3 connection instead
of TLS using the "set ftp:ssl-auth SSL" configuration directive for servers
without support for any of the TLS ciphers listed. This works both for implicit
and explicit FTPS. (BZ#532099)
* Prior to this update, the lftp client was not able to support "CLEAR COMMAND
CHANNEL" (CCC) mode (RFC4217). Without CCC, Layer 7 aware firewalls cannot see
the PASV port statements necessary to open the requisite data ports for
transfers. This updated package fixes the described weakness and the lftp client
supports CCC mode as intended. As a result data transfers through Layer 7 aware
firewalls no longer fail in the scenario described. (BZ#570495)
* Prior to this update, when the lftp client was started with the "-e" option
and the mget command was used, the returned exit status code was zero,
(success), when creating a connection to a URL had failed due to the specified
URL being non-existent. This update applies a patch that improves the error
handling in mget. As a result, the lftp client now returns exit status code '1',
indicating a failure, when creating a connection fails in the scenario
described. (BZ#727435)
All users of lftp are advised to upgrade to this updated package, which fixes
these bugs.
Solution
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Updated packages
| Red Hat Enterprise Linux (v. 5 server) | |
| SRPMS: | |
| lftp-3.7.11-7.el5.src.rpm File outdated by: RHBA-2013:0071 |
MD5: 28bbfe92fbfc9d43a7c99d94e3cbd54c SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731 |
| IA-32: | |
| lftp-3.7.11-7.el5.i386.rpm File outdated by: RHBA-2013:0071 |
MD5: 8eb54d0f1852578528c61abe1a10aea8 SHA-256: 187d7a43cf5011767b328c5942d0059a67cd636acfbb850c570ee2fcd5257d18 |
| IA-64: | |
| lftp-3.7.11-7.el5.ia64.rpm File outdated by: RHBA-2013:0071 |
MD5: 35469b40371ab079a53ed4a16ee07869 SHA-256: c5e45d240738b0ef52809cfba01b808b361a45474f76e52748abeb2a10c25166 |
| PPC: | |
| lftp-3.7.11-7.el5.ppc.rpm File outdated by: RHBA-2013:0071 |
MD5: 5fe148b08e5fe1b62c3ee604f88d1ae4 SHA-256: 0180db5d99746cf6d3d6d1c92c312ad896f700567fe8c20a7a5dc41de2542013 |
| s390x: | |
| lftp-3.7.11-7.el5.s390x.rpm File outdated by: RHBA-2013:0071 |
MD5: 7b83cd7544c48d0394318877fe48ab5d SHA-256: 848dc31c86715b01be9df9f6e3826fce511222a68168c48cd85cc02c3f4dd93f |
| x86_64: | |
| lftp-3.7.11-7.el5.x86_64.rpm File outdated by: RHBA-2013:0071 |
MD5: d8a582c46f225a5f6288b5af1bb06126 SHA-256: d06a1c9765ae466f2f8a7059892e5aed1b0f4a8f9575f86f961c0c102d4ef2e7 |
| Red Hat Enterprise Linux Desktop (v. 5 client) | |
| SRPMS: | |
| lftp-3.7.11-7.el5.src.rpm File outdated by: RHBA-2013:0071 |
MD5: 28bbfe92fbfc9d43a7c99d94e3cbd54c SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731 |
| IA-32: | |
| lftp-3.7.11-7.el5.i386.rpm File outdated by: RHBA-2013:0071 |
MD5: 8eb54d0f1852578528c61abe1a10aea8 SHA-256: 187d7a43cf5011767b328c5942d0059a67cd636acfbb850c570ee2fcd5257d18 |
| x86_64: | |
| lftp-3.7.11-7.el5.x86_64.rpm File outdated by: RHBA-2013:0071 |
MD5: d8a582c46f225a5f6288b5af1bb06126 SHA-256: d06a1c9765ae466f2f8a7059892e5aed1b0f4a8f9575f86f961c0c102d4ef2e7 |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
532099 - lftp doesn't work with ssl since RHEL 5.4
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
