An updated gFTP package that fixes a directory traversal issue is now
available.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
gFTP is a multi-threaded FTP client for the X Window System.
A directory traversal bug was found in gFTP. If a user can be tricked into
downloading a file from a malicious ftp server, it is possible to overwrite
arbitrary files owned by the victim. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0372 to
this issue.
Users of gftp should upgrade to this updated package, which contains a
backported fix for this issue.
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
| Red Hat Desktop (v. 3) |
|
| SRPMS: |
| gftp-2.0.14-4.src.rpm |
b1f1c96f874c88ca7876bd4b89ea84d8 |
| |
| IA-32: |
| gftp-2.0.14-4.i386.rpm |
d70901a39c11289a7062f74bbddbbf47 |
| |
| x86_64: |
| gftp-2.0.14-4.x86_64.rpm |
4f4d275023718ad3999cd454f55ab3ca |
| |
| Red Hat Desktop (v. 4) |
|
| SRPMS: |
gftp-2.0.17-5.src.rpm
File outdated by: RHBA-2009:1031 |
33d5e9f32fd24288b45d621e02daa0f5 |
| |
| IA-32: |
gftp-2.0.17-5.i386.rpm
File outdated by: RHBA-2009:1031 |
9e9c8b22418ac80d805a43e0d6530fc6 |
| |
| x86_64: |
gftp-2.0.17-5.x86_64.rpm
File outdated by: RHBA-2009:1031 |
4718135258fd4a5334f6de3516972ae6 |
| |
| Red Hat Enterprise Linux AS (v. 2.1) |
|
| SRPMS: |
| gftp-2.0.8-5.src.rpm |
9ad04edd854e04b291b8ad13cdbb1329 |
| |
| IA-32: |
| gftp-2.0.8-5.i386.rpm |
43668a3d9304b5bd3e1c10089e0d1aad |
| |
| IA-64: |
| gftp-2.0.8-5.ia64.rpm |
f6d35d6320d0c829994dfbfd2059acd8 |
| |
| Red Hat Enterprise Linux AS (v. 3) |
|
| SRPMS: |
| gftp-2.0.14-4.src.rpm |
b1f1c96f874c88ca7876bd4b89ea84d8 |
| |
| IA-32: |
| gftp-2.0.14-4.i386.rpm |
d70901a39c11289a7062f74bbddbbf47 |
| |
| IA-64: |
| gftp-2.0.14-4.ia64.rpm |
25b3c26a26f2ff5f7da7398c76cf1a62 |
| |
| PPC: |
| gftp-2.0.14-4.ppc.rpm |
e8bd14e811c5f61980523908488f517f |
| |
| s390: |
| gftp-2.0.14-4.s390.rpm |
0c41a94c255a367ca689550da2fc3f61 |
| |
| s390x: |
| gftp-2.0.14-4.s390x.rpm |
8d5cd4377701caf95823a616cdaccb01 |
| |
| x86_64: |
| gftp-2.0.14-4.x86_64.rpm |
4f4d275023718ad3999cd454f55ab3ca |
| |
| Red Hat Enterprise Linux AS (v. 4) |
|
| SRPMS: |
gftp-2.0.17-5.src.rpm
File outdated by: RHBA-2009:1031 |
33d5e9f32fd24288b45d621e02daa0f5 |
| |
| IA-32: |
gftp-2.0.17-5.i386.rpm
File outdated by: RHBA-2009:1031 |
9e9c8b22418ac80d805a43e0d6530fc6 |
| |
| IA-64: |
gftp-2.0.17-5.ia64.rpm
File outdated by: RHBA-2009:1031 |
60fbcc6fd5db5d4b468c680d89b52cf3 |
| |
| PPC: |
gftp-2.0.17-5.ppc.rpm
File outdated by: RHBA-2009:1031 |
f406c09280eac463ce88e5126bb06715 |
| |
| s390: |
gftp-2.0.17-5.s390.rpm
File outdated by: RHBA-2009:1031 |
2c7593bcd854a18c2ee08c15c59c8459 |
| |
| s390x: |
gftp-2.0.17-5.s390x.rpm
File outdated by: RHBA-2009:1031 |
d8956d0266bad37b28a7cba9a1ef636f |
| |
| x86_64: |
gftp-2.0.17-5.x86_64.rpm
File outdated by: RHBA-2009:1031 |
4718135258fd4a5334f6de3516972ae6 |
| |
| Red Hat Enterprise Linux ES (v. 2.1) |
|
| SRPMS: |
| gftp-2.0.8-5.src.rpm |
9ad04edd854e04b291b8ad13cdbb1329 |
| |
| IA-32: |
| gftp-2.0.8-5.i386.rpm |
43668a3d9304b5bd3e1c10089e0d1aad |
| |
| Red Hat Enterprise Linux ES (v. 3) |
|
| SRPMS: |
| gftp-2.0.14-4.src.rpm |
b1f1c96f874c88ca7876bd4b89ea84d8 |
| |
| IA-32: |
| gftp-2.0.14-4.i386.rpm |
d70901a39c11289a7062f74bbddbbf47 |
| |
| IA-64: |
| gftp-2.0.14-4.ia64.rpm |
25b3c26a26f2ff5f7da7398c76cf1a62 |
| |
| x86_64: |
| gftp-2.0.14-4.x86_64.rpm |
4f4d275023718ad3999cd454f55ab3ca |
| |
| Red Hat Enterprise Linux ES (v. 4) |
|
| SRPMS: |
gftp-2.0.17-5.src.rpm
File outdated by: RHBA-2009:1031 |
33d5e9f32fd24288b45d621e02daa0f5 |
| |
| IA-32: |
gftp-2.0.17-5.i386.rpm
File outdated by: RHBA-2009:1031 |
9e9c8b22418ac80d805a43e0d6530fc6 |
| |
| IA-64: |
gftp-2.0.17-5.ia64.rpm
File outdated by: RHBA-2009:1031 |
60fbcc6fd5db5d4b468c680d89b52cf3 |
| |
| x86_64: |
gftp-2.0.17-5.x86_64.rpm
File outdated by: RHBA-2009:1031 |
4718135258fd4a5334f6de3516972ae6 |
| |
| Red Hat Enterprise Linux WS (v. 2.1) |
|
| SRPMS: |
| gftp-2.0.8-5.src.rpm |
9ad04edd854e04b291b8ad13cdbb1329 |
| |
| IA-32: |
| gftp-2.0.8-5.i386.rpm |
43668a3d9304b5bd3e1c10089e0d1aad |
| |
| Red Hat Enterprise Linux WS (v. 3) |
|
| SRPMS: |
| gftp-2.0.14-4.src.rpm |
b1f1c96f874c88ca7876bd4b89ea84d8 |
| |
| IA-32: |
| gftp-2.0.14-4.i386.rpm |
d70901a39c11289a7062f74bbddbbf47 |
| |
| IA-64: |
| gftp-2.0.14-4.ia64.rpm |
25b3c26a26f2ff5f7da7398c76cf1a62 |
| |
| x86_64: |
| gftp-2.0.14-4.x86_64.rpm |
4f4d275023718ad3999cd454f55ab3ca |
| |
| Red Hat Enterprise Linux WS (v. 4) |
|
| SRPMS: |
gftp-2.0.17-5.src.rpm
File outdated by: RHBA-2009:1031 |
33d5e9f32fd24288b45d621e02daa0f5 |
| |
| IA-32: |
gftp-2.0.17-5.i386.rpm
File outdated by: RHBA-2009:1031 |
9e9c8b22418ac80d805a43e0d6530fc6 |
| |
| IA-64: |
gftp-2.0.17-5.ia64.rpm
File outdated by: RHBA-2009:1031 |
60fbcc6fd5db5d4b468c680d89b52cf3 |
| |
| x86_64: |
gftp-2.0.17-5.x86_64.rpm
File outdated by: RHBA-2009:1031 |
4718135258fd4a5334f6de3516972ae6 |
| |
| Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor |
|
| SRPMS: |
| gftp-2.0.8-5.src.rpm |
9ad04edd854e04b291b8ad13cdbb1329 |
| |
| IA-64: |
| gftp-2.0.8-5.ia64.rpm |
f6d35d6320d0c829994dfbfd2059acd8 |
| |
(The unlinked packages above are only available from the Red Hat Network)
|
149109 - CAN-2005-0372 directory traversal issue in gftp
gftp security update