Skip to navigation

Bug Fix Advisory lftp bug fix update

Advisory: RHBA-2011:1541-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2012-02-20
Last updated on: 2012-02-20
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

An updated lftp package that fixes various bugs is now available for Red Hat
Enterprise Linux 5.

LFTP is a sophisticated file transfer program for the FTP and HTTP protocols.
Like bash, it has job control and uses the readline library for input. It has
bookmarks, built-in mirroring, and can transfer several files in parallel. It is
designed with reliability in mind.

This updated lftp package includes fixes for the following bugs:

* The GnuTLS library does not support some previously offered TLS ciphers. As a
consequence, some users experienced the error message, "Fatal error:
gnutls_handshake: A TLS fatal alert has been received", when attempting to use
SSL. With this update, it is now possible to force an SSLv3 connection instead
of TLS using the "set ftp:ssl-auth SSL" configuration directive for servers
without support for any of the TLS ciphers listed. This works both for implicit
and explicit FTPS. (BZ#532099)

* Prior to this update, the lftp client was not able to support "CLEAR COMMAND
CHANNEL" (CCC) mode (RFC4217). Without CCC, Layer 7 aware firewalls cannot see
the PASV port statements necessary to open the requisite data ports for
transfers. This updated package fixes the described weakness and the lftp client
supports CCC mode as intended. As a result data transfers through Layer 7 aware
firewalls no longer fail in the scenario described. (BZ#570495)

* Prior to this update, when the lftp client was started with the "-e" option
and the mget command was used, the returned exit status code was zero,
(success), when creating a connection to a URL had failed due to the specified
URL being non-existent. This update applies a patch that improves the error
handling in mget. As a result, the lftp client now returns exit status code '1',
indicating a failure, when creating a connection fails in the scenario
described. (BZ#727435)

All users of lftp are advised to upgrade to this updated package, which fixes
these bugs.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
lftp-3.7.11-7.el5.src.rpm
File outdated by:  RHBA-2013:0071
    MD5: 28bbfe92fbfc9d43a7c99d94e3cbd54c
SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731
 
IA-32:
lftp-3.7.11-7.el5.i386.rpm
File outdated by:  RHBA-2013:0071
    MD5: 8eb54d0f1852578528c61abe1a10aea8
SHA-256: 187d7a43cf5011767b328c5942d0059a67cd636acfbb850c570ee2fcd5257d18
 
IA-64:
lftp-3.7.11-7.el5.ia64.rpm
File outdated by:  RHBA-2013:0071
    MD5: 35469b40371ab079a53ed4a16ee07869
SHA-256: c5e45d240738b0ef52809cfba01b808b361a45474f76e52748abeb2a10c25166
 
PPC:
lftp-3.7.11-7.el5.ppc.rpm
File outdated by:  RHBA-2013:0071
    MD5: 5fe148b08e5fe1b62c3ee604f88d1ae4
SHA-256: 0180db5d99746cf6d3d6d1c92c312ad896f700567fe8c20a7a5dc41de2542013
 
s390x:
lftp-3.7.11-7.el5.s390x.rpm
File outdated by:  RHBA-2013:0071
    MD5: 7b83cd7544c48d0394318877fe48ab5d
SHA-256: 848dc31c86715b01be9df9f6e3826fce511222a68168c48cd85cc02c3f4dd93f
 
x86_64:
lftp-3.7.11-7.el5.x86_64.rpm
File outdated by:  RHBA-2013:0071
    MD5: d8a582c46f225a5f6288b5af1bb06126
SHA-256: d06a1c9765ae466f2f8a7059892e5aed1b0f4a8f9575f86f961c0c102d4ef2e7
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
lftp-3.7.11-7.el5.src.rpm
File outdated by:  RHBA-2013:0071
    MD5: 28bbfe92fbfc9d43a7c99d94e3cbd54c
SHA-256: 506b7fe0e04ed8df0168646d4ec5c43636a8e30c958e05bdb1c8e25ddfcfc731
 
IA-32:
lftp-3.7.11-7.el5.i386.rpm
File outdated by:  RHBA-2013:0071
    MD5: 8eb54d0f1852578528c61abe1a10aea8
SHA-256: 187d7a43cf5011767b328c5942d0059a67cd636acfbb850c570ee2fcd5257d18
 
x86_64:
lftp-3.7.11-7.el5.x86_64.rpm
File outdated by:  RHBA-2013:0071
    MD5: d8a582c46f225a5f6288b5af1bb06126
SHA-256: d06a1c9765ae466f2f8a7059892e5aed1b0f4a8f9575f86f961c0c102d4ef2e7
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

532099 - lftp doesn't work with ssl since RHEL 5.4



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/