Debian Patches

Status for vsftpd/3.0.5-1

Patch Description Author Forwarded Bugs Origin Last update
0020-manpage-hyphen.patch manpage escaped minus Jörg Frings-Fürst <debian@jff-webhosting.net> not-needed 2014-07-27
0001-builddefs.patch Build with tcpwrapper and SSL support.
diff -Naurp vsftpd.orig/builddefs.h vsftpd/builddefs.h
Daniel Jacobowitz <dan@debian.org> no
0002-config.patch Set default configuration.
===================================================================
Daniel Jacobowitz <dan@debian.org> no
0003-db-doc.patch Description:
A short explanation how to find out the right db version (Closes: #478282).

diff -Naurp vsftpd.orig/EXAMPLE/VIRTUAL_USERS/README vsftpd/EXAMPLE/VIRTUAL_USERS/README
shaul Karl <shaulkarl@yahoo.com> no
0004-link-local.patch Description:
vsftpd does not accept IPv6 scope identifier in listen_address6
(Closes: #544993).
.
When specifying a link-local address, you need a scope identifier (tha name of
the index usually), thus you cannot use the following:
listen_address6=fe80::21f:16ff:fe06:3aab
but you have to use:
listen_address6=fe80::21f:16ff:fe06:3aab%eth0
so that it is clear on which interface this link-local address should be used.
.
Unfortunately, vsftpd does not correctly parse the address mentioned above and
thus fails to be useful in link-local-only environments.
.
This patch fixes it.

===================================================================
Michael Stapelberg <michael@stapelberg.de> no
0005-whitespaces.patch trim white spaces from option values (Closes: #419857, #536803).
===================================================================
Jiri Skala <jskala@redhat.com> no
0006-greedy.patch Fix file listing issue with wildcard (Bugzilla: #392181).
===================================================================
Martin Nagy <mnagy@redhat.com> no
0007-utf8.patch Adding support for UTF8.
===================================================================
Chuck Short <zulcss@ubuntu.com> no
0008-manpage.patch Fixing manpage formatting.
diff -Naurp vsftpd.orig/vsftpd.8 vsftpd/vsftpd.8
Daniel Baumann <mail@daniel-baumann.ch> no
0009-s390.patch Fix vsftpd on s390 (Closes: #602726).
diff -Naurp vsftpd.orig/sysdeputil.c vsftpd/sysdeputil.c
Philipp Kern <pkern@debian.org> no
0010-remote-dos.patch Remote DoS on Linux 2.6.32 (Closes: #629373).
===================================================================
Ben Hutchings <ben@decadent.org.uk> no
0011-alpha.patch Fixing FTBFS on alpha (Closes: #656182).
===================================================================
Michael Cree <mcree@orcon.net.nz> no
0012-buildflags.patch Avoid overwriting build environment.
diff -Naurp vsftpd.orig/Makefile vsftpd/Makefile
Daniel Baumann <mail@daniel-baumann.ch> no
0013-listen.patch removes exclusivity between listen and listen_ipv6 BZ#450853
diff -Naurp vsftpd.orig/vsftpd.conf vsftpd/vsftpd.conf
Jiri Skala <jskala@redhat.com> no
0014-ssl-cert.patch Using ssl-cert for snakeoil certificate.
===================================================================
Daniel Baumann <mail@daniel-baumann.ch> no
0015-disable-clone-newpid.patch Drop CLONE_NEWPID from clone call Kernel audit system prohibits the processes created with CLONE_NEWPID, so an
attempt to log into ftp server ends with
.
audit_log_acct_message() failed: Operation not permitted
.
https://bugzilla.novell.com/show_bug.cgi?id=786024#c38

diff -Naurp vsftpd.orig/sysdeputil.c vsftpd/sysdeputil.c
Michal Vyskocil <mvyskocil@suse.cz> no
0030-kfreebsd.patch Description:
Neither FreeBSD nor GNU/kFreeBSD have libpcap. Avoid confusing
sys/capability.h kernel header with libpcap's
Steven Chamberlain <steven@pyro.eu.org> no debian
0040-disable-anonymous.patch disable anonymous login not-needed http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/utopic/vsftpd/utopic/view/head:/debian/patches/ubuntu-disable-anonymous.patch 2014-10-05
0050-CVE-2015-1419.patch CVE-2015-1419: config option deny_file is not handled correctly Marcus Meissner <meissner@suse.com> no debian https://bugzilla.novell.com/show_bug.cgi?id=CVE-2015-1419 2015-02-24
0055-set_default_listen.patch Change the default of tunable_listen. Change the default of tunable_listen to the same as in
man page vsftpd.conf.
Jörg Frings-Fürst <debian@jff-webhosting.net> no debian 2015-04-21
0060-seccomp_sandbox.patch Change default of seccomp_sandbox Jörg Frings-Fürst <debian@jff-webhosting.net> no debian 2015-05-25
0065-upload_download_filename_pattern.patch Restrict upload and download of files to certain name patterns. Thomas B. Preußer <thomas.preusser@utexas.edu> no 2015-12-21
0070-realpath_wrapper.patch realpath wrapper to match not yet existing files in deny_file and others Thomas B. Preußer <thomas.preusser@utexas.edu> no 2015-12-23
0075-logfile.patch Change the modus of the log files to the same as via logrotate Jörg Frings-Fürst <debian@jff-webhosting.net> no 2016-01-17
0076-fix-no-pam-ftbfs.patch =================================================================== no
0077-fix-typo.patch =================================================================== no
ssl.c-correct-setup_bio_callbacks-signat.patch ssl.c: correct setup_bio_callbacks signature
Fixes FTBFS with gcc-15
Chris Hofstaedtler <zeha@debian.org> no 2025-09-05
0078-manpage-defaults.patch Fix defaults values for max_clients and max_per_ip Update "max_clients" and "max_per_ip" defaults in vsftpd.conf(5) according
to reality (and v2.1.2 Changelog).
Lukas Märdian <slyon@ubuntu.com> invalid debian vendor, Debian 2025-11-24
0079-debian-bugfixes.patch Fix multiple bugs reported in Debian BTS This patch addresses four different bugs in the Debian bug tracker:
1. #1012476: Returns 502 Command not implemented instead of 550 for disabled PASV/PORT commands.
2. #950577: Documents the Debian-specific utf8_filesystem option in the man page.
3. #950584: Trims leading and trailing whitespace/tabs in vsftpd.conf parsing.
4. #961712: Dynamically falls back to IPv4 listening if IPv6 is disabled in the kernel.
Keng-Yu Lin <kengyu@debian.org> no debian 2026-06-25
0080-pam-exec-hang.patch Prevent hanging in SIGCHLD handler when using PAM modules that spawn subprocesses Author: Martin Sehnoutka <msehnout@redhat.com>
Bug-Debian: https://bugs.debian.org/952421
Bug-Debian: https://bugs.debian.org/827550
Forwarded: yes
Last-Update: 2026-06-25
no
0081-pasv-address-ipv6.patch Fix pasv_address ignored when listen_ipv6 is enabled When listen_ipv6 is enabled, connections are handled as IPv6-mapped IPv4
addresses. The code checks is_ipv6 which is true, but pasv_address is
allocated as an IPv4 sockaddr. This causes vsf_sysutil_sockaddr_ipv6_v4
to return NULL and append "0,0,0,0" as the passive address. Checking the
address family of the resolved passive sockaddr instead of is_ipv6 resolves
this.
Keng-Yu Lin <kengyu@debian.org> no debian 2026-06-25
0082-debian-bugfixes-tls-utf8.patch Cumulative bug fixes for UTF-8 logging, realpath typo, documentation, and TLS 1.3 compatibility. * Allow UTF-8 characters (high bytes >= 128) in logs and fix 177 typo (Closes: #644920)
* Fix assignment typo in vsf_sysutil_realpath causing double slashes (Closes: #825271)
* Remove obsolete absolute paths to pam_userdb.so in examples (Closes: #885402)
* Cap TLS 1.3 session ticket lifetime at 7 days (604800s) instead of INT_MAX to comply with RFC 8446 (Closes: #929958, #958469)
https://bugs.debian.org/825271
https://bugs.debian.org/885402
https://bugs.debian.org/929958
https://bugs.debian.org/958469

===================================================================
Keng-Yu Lin <kengyu@debian.org> no debian 2026-06-25

All known versions for source package 'vsftpd'

Links