Package Release Info

tnftp-20210827-bp155.1.12

Update Info: Base Release
Available in Package Hub : 15 SP5

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

tnftp

Change Logs

* Fri May 20 2022 Ferdinand Thiessen <rpm@fthiessen.de>

- Update to version 20210827
  * Validate address in server's PASV and LPSV responses. Previously
    a hostile server could cause ftp to open a data connection elsewhere.
  * Avoid intermittent crashes by fixing signal handler restoration.
  * Fix intermittent failures in -q QUITTIME by not using restartable
    signals.
  * Set SO_KEEPALIVE on control connection to attempt to avoid timeouts.
  * Display usage to stdout with -?.
- Update to version 20200705:
  * Avoid crashes by exiting if lostpeer due to a signal
  * Issue PWD commands to the server only when we actually need the
    results, not speculatively, just in case we might.
  * Use "anonymous" instead of the local username for anonymous
    ftp. Avoids unnecesary information leak.
  * Use the first name we requested the http/https URL for, not any
    name we ended up with after random redirects.
  * Support using CONNECT for https:// via proxy.
  * Improve SSL error reporting, and IPv6 endpoint reporting.
  * Use the system glob() if required extensions are supported.
- Drop upstream fixed tnftp-20100108-am_and_libedit.patch
- Drop upstream fixed tnftp-verify_hostname.patch

Version: 20151004-bp154.2.20

* Tue May 26 2020 Cristian Rodríguez <crrodriguez@opensuse.org>

- tnftp ssl client should validate hostnames and certificates,
  so for example tnftp -d https://revoked.badssl.com/example
  fails to connect. (tnftp-verify_hostname.patch), There are
  at least two reports about this misbehaviour online but it has
  never been fixed. Patch targets openSSL 1.1.x and later
  so specify requirement in spec file.

Version: 20151004-bp153.1.16

Version: 20151004-bp152.3.13

Version: 20151004-bp151.3.1

Version: 20151004-bp151.2.14

Version: 20151004-bp150.1.3

* Mon Aug 08 2016 asterios.dramis@gmail.com

- Update to version 20151004:
  * Implement '-x xferbufsize' to set xferbuf size.
  * Add Server Name Indication (SNI) support for https.
  * Increase buffer limit used for response handling.
- Removed post/pre requirement coreutils (not needed).
- Fixes for update-alternatives usage.

* Tue Apr 07 2015 p.drouand@gmail.com

- Update to version 20141104
  * Portability fixes
- Changes from version 20141031
  * Ignore special character behaviour in filenames not provided
  by the user.
  * Fixes CVE-2014-8517.
  * Fix timeout on HTTP fetches.
- Remove tnftp-cve-2014-8517.patch; fixed on upstream release

* Thu Oct 30 2014 tchvatal@suse.com

- Apply fix for bnc#903011 CVE-2014-8517
  * tnftp-cve-2014-8517.patch
- Version bump to 20130505:
  * various triv fixes
  * more ssl support
  * refresh tnftp-20100108-am_and_libedit.patch
- Cleanup with spec-cleaner
- Use update-alternatives properly
- Do not verify the sig in spec, just let OBS do it

* Mon Apr 29 2013 mvyskocil@suse.com

- verify tarball using gpg-offline
- remove obsoleted PreReq and reformat spec

* Wed Apr 11 2012 andreas.stieger@gmx.de

- fix openSUSE builds
- add autoconf, automake, libtool build requirements
- remove INSTALL file from package

* Mon Aug 01 2011 crrodriguez@opensuse.org

- There is no need to check for ncurses, not directly used
  by this package but by libedit for which we use the system version.

* Sun Jul 31 2011 crrodriguez@opensuse.org

- First package version, this is the segue from lukemftp