diff --git a/trunk/PKGBUILD b/trunk/PKGBUILD index 1185eff..ce6afb2 100644 --- a/trunk/PKGBUILD +++ b/trunk/PKGBUILD @@ -5,8 +5,8 @@ # Contributor: judd pkgname=vsftpd -pkgver=3.0.3 -pkgrel=8 +pkgver=3.0.5 +pkgrel=1 pkgdesc='Very Secure FTP daemon' url='https://security.appspot.com/vsftpd.html' arch=('x86_64') @@ -23,10 +23,9 @@ source=(https://security.appspot.com/downloads/${pkgname}-${pkgver}.tar.gz{,.asc vsftpd@.service vsftpd-ssl.service vsftpd-ssl@.service - vsftpd-fix-seccomp.patch vsftpd-conf-pam.patch vsftpd-disable-anonymous-access-by-default.patch) -sha256sums=('9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7' +sha256sums=('26b602ae454b0ba6d99ef44a09b6b9e0dfa7f67228106736df1f278c70bc91d3' 'SKIP' 'd5185e48fffc6253499a55e0fe0f90a3424fc639640af11a9d38df33fb145afe' '9fdbfd2ec0207170371ca3cf2b0ddca2dc2fe3d062e5792e0d3e51474c3198c9' @@ -34,10 +33,10 @@ sha256sums=('9d4d2bf6e6e2884852ba4e69e157a2cecd68c5a7635d66a3a8cf8d898c955ef7' 'd7b8e4827d4f6bafcbf52f9d2d7380958c7b08bb3f757806aa89d4bc06c9671c' 'b88a50fc68b3bf746d13c9a777df77791cd3eac6eb7c2df655418071c2adf422' '4a55c2468b08d858f71bacf1f4885847bec8e548b0e92088068d9bdd3884af84' - '8bb7e4e4640137d38a2944859c2f443eea559ecb7f594c0fa4e962539107af66' '751715726c4b888d5c96846ac0bd0d64238cceb28ef3c2ef447af85cdc2b79f1' '4baa5a2db122974fa2a9603d335aed59dee5ad4217615fbe247301d129281d20') -validpgpkeys=('8660FD3291B184CDBC2F6418AA62EC463C0E751C') # Chris Evans +validpgpkeys=('8660FD3291B184CDBC2F6418AA62EC463C0E751C' # Chris Evans + '67A2AB4F41F9972C21F6BF667B89011BCAE1CFEA') # Chris Evans prepare() { cd ${pkgname}-${pkgver} @@ -46,10 +45,6 @@ prepare() { sed -e 's|/usr/share/empty|/var/empty|g' -i tunables.c vsftpd.conf.5 INSTALL sed -e 's|/usr/local/sbin/vsftpd|/usr/bin/vsftpd|' -i EXAMPLE/INTERNET_SITE/${pkgname}.xinetd - # fix linking to openssl 1.1 - sed -e 's|SSL_library_init|SSL_CTX_new|' -i vsf_findlibs.sh - - patch -Np1 < ../vsftpd-fix-seccomp.patch patch -Np1 < ../vsftpd-conf-pam.patch patch -Np1 < ../vsftpd-disable-anonymous-access-by-default.patch } diff --git a/trunk/keys/pgp/67A2AB4F41F9972C21F6BF667B89011BCAE1CFEA.asc b/trunk/keys/pgp/67A2AB4F41F9972C21F6BF667B89011BCAE1CFEA.asc new file mode 100644 index 0000000..38317c7 --- /dev/null +++ b/trunk/keys/pgp/67A2AB4F41F9972C21F6BF667B89011BCAE1CFEA.asc @@ -0,0 +1,52 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGCyyncBEADCkx7Uh4mO2Q590LFi7gCh+Ivm1MqsK+pBXmIiIMBPFLMKqmji +boJiJFu4QcB/ZJZOLVBKKwbQfN/7IeulNkrvMhnu+jJizz0hUDDLQjuoScx53+MW +zwIPhI7OAJ6kurlHo0b1wvNnJD5ENmwxrOTYL5bHxut/05a+uTaruPFQPNOMYMzs +rOvIZrzv0lcW/8ZL4tAFvlkogfiGNC9Vfxy4Px8lyVhhfiVzVY3+UNJMM69n6QAt +kUH07xpV+vn7I3lD4dZM96zFnrXuQhwJba3fbCY9vFN0NDRVdF3tYl2xwJhXMJtM +jtQ1Tw9ykRMPsLlaiow0/uW3mYrTYjDP12VxukCEg6a240mhT4jAVA4cSoOCdGBJ +AZCQk5SLbr/MwikggUyS9Fu3d10WKUSyQFS8NWQGHpaFSIIp3T/dGTe6fprhXzFo +vvLv26OCFNvn4vTHz4lMzZZJjYLNtlcriJoSPCCe8/fI9BmgARmFxiKgY5ENQOrY +cZUJJ3sHre52aqCETgz+w8j5o/cAU8iizlYxYsJK/Y+QXlVIzyV8oQGm/jvXhrhi +CgB4xx96cthfolv2Lj+Dz90d/MYKB3suX38Q1ZNhxCZjIcoE+dcn+uGHUqzm4sot +gN37P1Xfijn15L2cHoV1itasVlOc92HrEUEaBWpB6QXF6nEYkkgA2agnMwARAQAB +tCNDaHJpcyBFdmFucyA8c2NhcnliZWFzdHNAZ21haWwuY29tPokCVAQTAQgAPhYh +BGeiq09B+ZcsIfa/ZnuJARvK4c/qBQJgssp3AhsDBQkSzAMABQsJCAcCBhUKCQgL +AgQWAgMBAh4BAheAAAoJEHuJARvK4c/qW6QP/2dZFkqxQl7hGJizaGIMCHXV1R2G +0r1S3GyVSRZEUWuVvv2UMjxYx6DZhhoaTGRNi0gXVrTVL3FG8yBfLN2LQQCSXK4k +eee8FIXSp1LhwciAJKN+Z5nc0i7R6Qy6cIvc82DO6Y4FaMJZoO5lWbl1WjEYO/oN +NJAp7U3J+BWYKTzIB+Nh2vaapzj2XrNB6dh3ry2nj7yZmerPquYtXsuNRfi/c/Z0 +2t+TiSEFZW83/NZFGbDhhzWB19TMFM5oUpSBH6Yw02ASseaZBRBK0gLhfKGEnf2W +KgrwcGd41kMxia6UsrXiG3ZjDR+gF/sed93ZdLWpyYxN4DinirCt/+i1/L5RWCSg +Xus1SviMmnTfhB7WB+WfrIauLpPZOZhdLc3vSBdBmOZ6+p0qLQC2eK2rehM6kQzw +nd9vmCtws2l5HGsBngrBEIkXsPVSVZKEUB8xH57nbIzn7igsUgrTBdz8K61oMaAu +iEZzRJ35P81B3uJqZyqjkONm/1J9d081V2aiASJw/vfiAEkjpws488ZWkg9FFSFJ +VqvAUu6p/g152GP+vatqFT1sH8zxXLLrwGlcktZFNfTYSnscQ9NU/L761anjrgM4 +Oi7ks4jLq91vwvxW9E9TNyuMUJj85412xPIwx1o1+fKGwzi1d+01uQ73aPmp6Z4l +idE6tmV5wVSuMGSCuQINBGCyyncBEADIM7Z+1GxMvEtKRyWukfL5w8C4Bqid6M7N +yCCs8bT1lunc7/weiNCOFigZDfAaSoFQpVe22YZABeWD/wO0iY9x+wOwpnsGhmC9 +7H/c0+g4IT7fKkaNVMbvUGfo9dWrXD2gtFzZJruMnPbj0HeFqSHvkGbMM7dLyMlF +K295F901iFvvfw7jSQyVGVS97i7swXj9F/O13jedIbh+3TWdkKk/YqmMsETjkcOe +UvmY7P7pTKEpdimvY2I1B8PsBJkyjdZA8G+eiG1STa0+Vj4yVtMJodKJDJbY6+y7 +M9hajCdUTplLWTbxzPMo54KjTOzyLVT7mfugUlS7WQWrVWVtvScJsvaec95+p/Bx +UdJVwylVjQrxJxI8Bk2yrIgu7/rj+uYGV5+TNKjJWFkQw0YDJ1NkcvVjU7WIwNCl +X6s5s/tuX+yzUA+DBSHx0WuqtGWYaFgXeO/pWPidc8ovYFVIAr3QB76AeEL3ZJj3 +ttN5jk96zOlaVxOOlEC6zX5TJ7Z+aQHBPq8RN/G8o99sOdx5QuKqvhHe8673eIMY +CWPgNSSMJ/7I5IBLsIfIv2UWgLPPHS8s/HTwPacU0/L4pahh553uAhC4QP7BPkYw +p4KXGasR3v9YxuSa33IraJALC6eF2t3L0CLUMzsc0pgLCmGqzskbrP8p0daBjFCS +KofV+jOiQQARAQABiQI8BBgBCAAmFiEEZ6KrT0H5lywh9r9me4kBG8rhz+oFAmCy +yncCGwwFCRLMAwAACgkQe4kBG8rhz+qDNRAAsG3lta/eQ+yWTHCXxXYfw94jm/bx +XFUcvSOwjO+vB5tCt8Q0JmxoZ6PDD/bkcGSDz8FHjhxiIGYKPQiyu7jeZDAijBzu +MLf3yGuubM6SUoXB1olkTbs9DTSFdTPqbM8eYn14CVHk19w/in/Oe11BD0I7D4Qg +bkjIAkIKf01AxbcLFKOMihqhSEIEeqP70DIP8hT3arefk2wgEKG108SOzCPD1YQ7 +sEkYX2lRXjqBefHmIGLVllF3v+jUHYFIVz62i/OVMBHXF0D9Qn39cE5e94VdRZIf +0hdizes1w48o9DxVSs+5TTtuLfFtsY+22OqZZ1cxXrdNUBCB4XEllrDdu58Qr7No +fpDPDB4AVatWkpB288C/USl1UJgvhuvZs1AKChi9egfoMJczkZMvgQeiKagQkyeb +l/W7vT3wX4R2WvcM4n6rlPkvRNvO+jw9owSDWuF+6iB0DWEpv5hMjPEfTBv0sYTH +T/sOcV7vKV9Q6JsQwvfOagI9OAkXbxbjpbQgk/jlaaz/9+5wIy2vvW69Nh7ZfFNO +RU1GhwNbghLwbHF7rrGvpwlV9hwpaMYcplvkW9bMgjPGpwxecE1zDdhO8Zq9QXyb +dvDqRPNAqsWd/LwwqRpG36/YI4f5Pdv38W9/HoXlqj9+Uaa/TyDl9TIlBCYcnrzM +SEfMQy8pH/YWOBk= +=QcZC +-----END PGP PUBLIC KEY BLOCK----- diff --git a/trunk/vsftpd-fix-seccomp.patch b/trunk/vsftpd-fix-seccomp.patch deleted file mode 100644 index cb0b51b..0000000 --- a/trunk/vsftpd-fix-seccomp.patch +++ /dev/null @@ -1,37 +0,0 @@ -From ecaa07c31a68bca0e4c8159d447e0b9ef7c5b350 Mon Sep 17 00:00:00 2001 -From: Olivier Brunel -Date: Fri, 14 Apr 2017 22:50:31 +0200 -Subject: [PATCH] Fix unable to list dirs w/ more than 31 items - -Trying to list directories with more than 31 items would fail due to seccomp -filter being too strict: - -ftp> ls dir -200 PORT command successful. Consider using PASV. -150 Here comes the directory listing. -500 OOPS: 421 Service not available, remote server has closed connection - -This was due to vsftpd calling qsort() and glibc in turn calling -sysinfo(), which wasn't allowed, hence SIGSYS. - -Signed-off-by: Olivier Brunel ---- - seccompsandbox.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/seccompsandbox.c b/seccompsandbox.c -index 2c350a9..13c8c78 100644 ---- a/seccompsandbox.c -+++ b/seccompsandbox.c -@@ -297,6 +297,8 @@ seccomp_sandbox_setup_base() - allow_nr_1_arg_mask(__NR_mprotect, 3, PROT_READ); - allow_nr(__NR_munmap); - allow_nr(__NR_brk); -+ allow_nr(__NR_sysinfo); -+ allow_nr(__NR_getdents64); - /* glibc falls back gracefully if mremap() fails during realloc(). */ - reject_nr(__NR_mremap, ENOSYS); - --- -2.12.2 -