SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for lftp-4.9.2-lp155.163.2.x86_64.rpm :

* Wed Jul 31 2024 Marcus Meissner - lftp-gcc14.patch: fixed issues with gcc14
* Thu Jan 25 2024 Peter Simons - Apply \"0001-lftp_ssl-deinitialize-the-lftp_ssl_openssl_instance.patch\" to fix a crash that ocurred when lftp is run on s390x with an IBM crypto card installed. The issue has been reported to upstream at https://github.com/lavv17/lftp/issues/716. [bsc#1213984]
* Wed Jul 26 2023 Peter Simons - The lftp_wrapper script has been deprecated over 1.5 years ago. It\'s time to remove it from the package. [jsc#SLE-17861]- Dropped patches:
* 0004-Include-config.h-to-detect-gnulib-macros.patch
* add-deprecation-warning-to-lftp-wrapper.patch- Refreshed patches:
* 0002-Add-content-of-lftp-compat-addfiles.patch.patch
* 0005-Add-the-wrapper-code-to-the-Makefile-in-order-to-bui.patch
* lftp-default-ssl-cipher.patch
* Mon Nov 22 2021 Peter Simons - Deprecate the lftp_wrapper script. It is still available as an \"update-alternative\" for \"ftp\", but it is no longer used by default. The default implementation of \"ftp\" now is the \"lftp\" executable. [jsc#SLE-19631] Lftp_wrapper is an internal creation of SUSE, dating back to 2005. It was developed to help some customers transition from lukemftp, which disappeared from SLE between versions 11 and 12, to lftp. To make the transition as smooth as possible, the wrapper was made the default FTP client. However, the code was never upstreamed and it was never properly reviewed. From a security perspective (and FTP clients are definitely a target for attackers), this is rather worrying. There are many issues with lftp_wrapper, in addition to the low code quality and the fact that it has no real upstream:
* Customers are reporting bugs: bsc#974874, bsc#1178363.
* It has no manual page (\"man ftp\" displays the lftp manual page, despite both having different command line options).
* Some command line options are not actually implemented, or only work in specific cases.
* It was only designed for non-interactive use, but this is only mentioned in the source code. As a result, customers are not aware of that limitation, and use the wrapper also interactively, or pseudo-interactively, and complain when it doesn\'t work. The newly added \"add-deprecation-warning-to-lftp-wrapper.patch\" introduces a deprecation warning for users who might still rely on the script to make them aware that this wrapper script is going to be removed from the distribution.
* Mon Aug 24 2020 Dirk Mueller - update to 4.9.2:
* mkdir: fixed exit code with -f option.
* ftp: made ftp:use-pret setting tri-boolean.
* get/mget/put/mput: don\'t try next files after error if cmd:fail-exit is true.
* get/mget: fixed -O option with remote URL and xfer:use-temp-file being true.
* mirror: disallow empty patterns; don\'t delete \"..\".
* mirror: fixed --on-change with --reverse.
* sftp: fixed a bug with truncated files when packets are reordered (finally).
* Thu Jan 16 2020 Ismail Dönmez - Update to version 4.9.1
* get1: fixed creating the target directory.
* get1: fixed renaming the temp file.
* fixed a coredump on startup when IPv6 is not supported or configured.
* Tue Jan 14 2020 Ismail Dönmez - Update to version 4.9.0
* ftp: add support for CEPR command.
* ftp: enabled TLS by default.
* ftp: fixed OPTS MLST format.
* ftps: apply rfc1738 rules.
* ftp: stop sending ALLO commands by default.
* http: fixed redirection to absolute path.
* http: improved index parsing performance.
* http: revert to original URL when temporary redirects led to an error.
* mirror --no-empty-dirs: exclude empty dirs so that chmod is not done on them.
* net: disable inet6 if there is no public ipv6 address.
* net: lowered reconnect intervals.
* sftp, fish: fixed yes/no/[fingerprint] and passphrase recognition.
* sftp: fixed a bug with truncated files when packets are reordered.
* torrent: fixed a coredump when all dht ports are busy.
* fixed file list sorting when some file names start with tilde.
* fixed retry counting when a site has multiple addresses.
* fixed \"version\" command for certain openssl versions.- Drop relax-ssh-password-prompt-recognition.patch, fixed upstream.
* Tue Mar 19 2019 Peter Simons - Refresh \"relax-ssh-password-prompt-recognition.patch\" to the solution upstream chose in commit 0bcd1d2d6bfb9d53. The previous patch assumed incorrectly that the underlying buffer would always contain a NUL-terminated string. [bsc#1120946]
* Wed Feb 27 2019 Peter Simons - Add \"relax-ssh-password-prompt-recognition.patch\" to make sure the SSH login handling code detects password prompts more reliably. [bsc#1120946]
* Thu Oct 04 2018 Ismail Dönmez - Update to version 4.8.4
* Fixed a security vulnerability with \"file:\" file names. CVE-2018-10916 bsc#1103367
* Fixed mirror --flat.
* http: extract links from tags.
* Fixed upload of zero-length files over ftps.
* Fixed assert on \"mput -d\".
* Fixed a core dump.
* Avoid multiple backup files of DHT cache.
* Translations updated (uk, zh_CN).- Remove upstream patch:
* fix-zero-byte-file-upload-via-ssl.patch
* Fri Mar 16 2018 psimonsAATTsuse.com- Added openSUSE-specific patches that implement a wrapper script called \"ftp\" on top of the lftp command that is compatible to lukemftp. Those patches are maintained in a fork of the upstream project at https://github.com/opensuse/lftp. [bsc#1083331]
* 0001-Add-content-of-the-SUSE-lftp-vi-1.1-archive.patch
* 0002-Add-content-of-lftp-compat-addfiles.patch.patch
* 0003-Add-content-of-lftp-completion.patch.patch
* 0004-Include-config.h-to-detect-gnulib-macros.patch
* 0005-Add-the-wrapper-code-to-the-Makefile-in-order-to-bui.patch
* Wed Feb 28 2018 psimonsAATTsuse.com- fix-zero-byte-file-upload-via-ssl.patch: fix a bug that caused lftp to break the TLS protocol and lose the connection when trying to upload a 0 byte length file. [bsc#1079168]
* Sat Nov 11 2017 aavindraaAATTgmail.com- update to 4.8.3:
* fixed 2 other core dumps on exit (incorrect order of deallocation).
* fixed compilation with older C++ compilers.
* Wed Oct 04 2017 astiegerAATTsuse.com- update to 4.8.2:
* fixed a memory leak
* fixed a core dump on exit- includes changes from 4.8.1:
* improved rate limiting to allow per-host limits
* ftp: make prefer-epsv default \"no\"
* ftp: fixed quote command and ftp:use-stat-for-list setting
* switched to libidn2
* fixed configure --disable-rpath
* fixed coredump when a parent directory was deleted- includes changes from 4.8.0:
* mirror: improved performance of --scan-all-first for big trees
* mirror: new --flat option to flatten the target directory structure
* mmv: new command for file moving; redirect mv to mmv in certain cases
* fixed compilation with newer openssl (1.1.0 and later)
* du: allow multiple --exclude options to be combined
* new setting cmd:nullglob for `glob\' command prefix
* http: use proppatch to set last-modified property
* new settings net:connection-limit-timer and ftp:too-many-re
* ftp: dynamically ajust connection limit
* ftp: fixed core dump on LINK/SYMLINK when the command is not supported
* get1: fixed -o option
* sftp,fish: connect-program setting is now passed to the shell for execution
* get/mget/put/mput: add -P option for parallel transfers and long options
* fixed \"local glob\"- build with libidn2- package desktop file
* Wed Apr 26 2017 tchvatalAATTsuse.com- Version update to 4.7.7:
* License has changed from GPL-2.0+ to GPL-3.0+
* Various small fixes all around- Remove all internal patches, if the ftp compat is needed we need to upstream it on github:
* lftp-autoconf-req.patch
* lftp-compat-addfiles.patch
* lftp-completion.patch
* lftp-config_h.patch
* lftp-stdio.h.patch
* lftp-vi.1.1.tar.gz
* lftp-wrapper+edit+compat-modify.patch- Pass all the configure arguments to ensure nothing gets automagically disabled- Remove unused dependencies
* Wed Mar 01 2017 psimonsAATTsuse.com- Fork lftp in SLE-12-SP3 to use the version from Factory to enable support for OpenSSL as requested in fate#321022. That change also obsoletes the following patches, which SLE previously required:
* lftp-deal-gracefully-with-ipv6-failures.patch corresponds to upstream commit 58bfcfc2b00c and has been included since release 4.7.2 [bnc#975913].
* lftp-ca-bundle-path.patch is necessary only when lftp was compiled against GNUTLS, but we use OpenSSL now [bnc#792456].- Normalize spec file with spec-cleaner.
* Fri Nov 25 2016 idonmezAATTsuse.com- lftp 4.7.4:
* mirror: new option --directory (-F) for source directories glob pattern.
* mirror: fixed coredump with --depth-first + --recursion=newer.
* mirror: create inaccessible directories anyway.
* pget, torrent: avoid long delays in posix_fallocate(3) call.
* new setting dns:name for host aliases.
* ftp: allow SSL after certain types of ftp proxy.
* http: fixed interpretation of links without a protocol.
* cls: fixed glob metacharacter unquoting.
* sftp: fixed mirroring of files with a leading tilde.
* fixed transfer logging.
* Mon Aug 08 2016 asterios.dramisAATTgmail.com- lftp 4.7.3:
* mirror: don\'t add source directory base name to the target if the source ends with a slash.
* mirror: fixed transfer count tracking in --scan-all-first mode.
* new setting file:use-fallocate.
* fixed \"kill all\" to remove queued commands.
* fixed xfer:log-file setting to a writable file in a protected directory.
* fixed xfer:clobber to allow output to non-plain files.
* fixed mirror --Move to really keep source dir if it ends with a slash. From 4.7.2:
* ftp: fixed loss of 17th file from MLSD listing.
* new setting xfer:timeout.
* ssl: improved ssl performance for small read sizes.
* pget: allocate all needed disk space at once.
* http: new settings http:use-range and hftp:use-range.
* http: fixed setting http:authorization.
* http: resolve redirections when getting files information.
* http: include X-OC-MTime header in PUT requests for OwnCloud.
* mirror: changed --Move option to keep source dir if it ends with a slash.
* mirror: fixed timestamp mirroring when the source site sends redirections.
* mirror: don\'t report errors when the target does not support chmod.
* torrent: discard cached data after validating.
* torrent: fixed a coredump on a file read error.
* torrent: fixed closing oldest cached FD.
* torrent/DHT: fixed our external IP voting.
* torrent/DHT: black-list nodes which change node_id often.
* torrent/DHT: black-list nodes which report many bad nodes.
* torrent/DHT: ignore nodes with our own ID.
* torrent/DHT: made node search more robust.
* torrent/DHT: mark new nodes as questionable.
* translations updated (zh_TW, ru).- Added new build requirements libexpat-devel, libidn-devel and zlib-devel.- Fixes for update-alternatives usage.- Rebased lftp-wrapper+edit+compat-modify.patch to apply cleanly.
* Wed May 11 2016 moioAATTsuse.com- lftp 4.7.0:
* ftp: add MODE Z support.
* ftp: new settings ftp:use-mode-z, ftp:compressed-re, ftp:mode-z-level.
* ftp: add MFF support for chmod.
* ftp: prefer EPSV by default.
* ftp: prefer CWD-relative paths.
* ftp: enable MLSD by default (when supported).
* ftp: assume AUTH is supported based on other newer features.
* http: add support for digest authentication.
* http: fixed webdav directory listing.
* http: fixed a coredump when using a proxy for https.
* sftp: fixed mirror to sftp with xfer:use-temp-file set.
* ssl: optimized ssl for speed and lower syscall count.
* ssl: log server\'s certificate fingerprint.
* ssl: allow disabling certificate verification by its fingerprint.
* get: rename backup file back if new file cannot be retrieved.
* get: new settings xfer:backup-suffix and xfer:keep-backup.
* get/put/mget/mput/pget/get1: add -q (quiet) option.
* edit: allow creating a new file.
* new debug option -T (truncate output file).
* new mirror options: --{in,ex}clude-{rx,glob}-from.
* new mirror options: --Remove-source-dirs, --Move.- lftp 4.7.1:
* http: fixed authentication for proxy, transient errors, max-retries=1.
* http: fixed put with authentication not to use HEAD request.
* translations updated (cs, ru).
* Mon Dec 14 2015 andreasAATTsuse.de- lftp 4.6.5:
* sftp: fixed handling of out-of-order replies.
* fixed futex_wait issue in SIGCHLD handler.
* ftp: fixed ls freezing with unstable server connection.
* torrent: show more correct ETA on the status line.
* fixed gnutls priority string.
* mirror: fixed excessive stack usage on large directories.
* documented some hard to fix bugs.
* improved man page on open command and cmd:prompt setting.
* translations updated (zh_TW).
* Fri Aug 21 2015 astiegerAATTsuse.com- lftp 4.6.4:
* mirror: new option --transfer-all.
* torrent: new setting torrent:timeout to limit time without any progress.
* torrent: fixed handling of udp tracker without explicit port number.
* torrent: improved transfer start time after metadata download.
* improved sftp put -c to use a single FSETSTAT.
* mirror --skip-noaccess now uses user name to check for permissions.
* don\'t rename temporary file to the target name when transfer fails.
* new cmd:prompt escapes \\l and \\L for local working directory.
* Fri Jun 19 2015 kstreitovaAATTsuse.com- update to 4.6.3a
* new mirror setting mirror:overwrite and options - -overwrite/--no-overwrite.
* new mirror option --upload-older.
* new mirror option --recursion={always,never,missing,newer}.
* try to download zero sized files as they may be non-empty.
* torrent: new options --only-new, --only-incomplete.
* torrent: fixed endless loop in FD deallocation.
* fixed a memleak when parsing a directory listing with special files.
* fixed one byte buffer overflow in cls.
* fixed cmd:fail-exit description in the man page.
* fixed large stack usage when parsing fish directory listings.- refresh lftp-stdio.h.patch- use spec-cleaner
* Thu May 28 2015 idonmezAATTsuse.com- Update to version 4.6.2:
* new command \"edit\" instead of the edit alias.
* new setting ssl:priority for disabling selected protocols.
* new settings fish:auto-confirm and sftp:auto-confirm.
* new setting file:use-lock to lock local files before accessing.
* ftp: fixed disconnecting on timeout (broken in 4.6.0).
* http: enclose ipv6 address in brackets in URLs and Host header.
* fixed mirror for http protocol with redirections.
* fixed `bookmark edit\' to use correct XDG path if XDG is used.
* fixed a wildcard certificate validation vulnerability (CVE-2014-0139).
* fixed proxy authentication for CONNECT method.
* fixed exit code of `help\' command.
* fixed sftp to show file names with slashes.
* fixed pget status display when all chunks are done except the first one.- Drop lftp-CVE-2014-0139.patch, fixed upstream.- Refresh lftp-default-ssl-cipher.patch
* Fri Jan 09 2015 andreas.stiegerAATTgmx.de- lftp 4.6.1:
* new mirror option --scan-all-first.
* mirror --Remove-source-files now removes files already present at the target.
* added a workaround for FUSE with HadoopFS I/O error during rename(2).
* fixed du to round file size up to block size.
* fixed compilation with libressl.
* fixed OPTS MLST, removed trailing semicolon.
* fixed put to sftp with special files (like /dev/stdin).
* fixed ftp to copy SID properly with GnuTLS
* fixed mirror to follow redirections to files
* Thu Dec 11 2014 vcizekAATTsuse.com- build with openssl instead of gnutls as suggested in bnc#792456
* don\'t default to /etc/ssl/ca-bundle.pem (bnc#907803)
* drop lftp-ca-bundle-path.patch- fix a \"curl\" vulnerability CVE-2014-0139
* that\'s because lftp uses code borrowed from curl 7.21.3 which contains this incorrect wildcard certificate validation
* added lftp-CVE-2014-0139.patch
* Mon Nov 03 2014 tchvatalAATTsuse.com- Fix the update-alternatives to be up-par
* Mon Nov 03 2014 tchvatalAATTsuse.com- Fully remove sle10 support.
* Mon Nov 03 2014 tchvatalAATTsuse.com- Version bump to lftp 4.6.0:
* new torrent --share option.
* new setting mirror:require-source.
* new settings xfer:use-temp-file and xfer:temp-file-name.
* ftp: wait for QUIT reply before closing control socket.
* display valid IDN in URLs without percent encoding.
* ftp: shutdown SSL connection before closing control socket.
* ftp: avoid duplication of PROT command.
* fixed debug -o to append to the log file.
* fixed compilation without SSL.
* http: don\'t uncompress files ending with .gz, .Z or .tgz
* http: fixed inflation of some files.
* minor fixes in torrent protocol.
  
ICM