File _patchinfo of Package patchinfo.25944
<patchinfo incident="25944">
<issue tracker="bnc" id="1187686">VUL-0: vsftpd: Enforce security checks against ALPACA attack</issue>
<issue tracker="bnc" id="971784">vsftpd unstable with syslog enabled</issue>
<issue tracker="bnc" id="1181400">AUDIT-TASK: Evaluate systemd hardenings and get more services to use them</issue>
<issue tracker="bnc" id="786024">vsftpd broken: audit_log_acct_message() failed: Operation not permitted</issue>
<issue tracker="bnc" id="1021387">vsftpd with SSL enabled fails with: OOPS: not a normal exit in vsf_sysutil_wait_get_exitcode</issue>
<issue tracker="bnc" id="1052900">[FIPS] vsftpd doesn't work with SSL enabled: SSL23_GET_SERVER_HELLO:unknown protocol</issue>
<issue tracker="bnc" id="1187678">VUL-0: CVE-2021-3618: ALPACA Attack Tracker</issue>
<issue tracker="jsc" id="PM-3322" />
<issue tracker="jsc" id="SLE-23896"/>
<issue tracker="cve" id="2021-3618"/>
<packager>psimons</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for vsftpd</summary>
<description>This update for vsftpd fixes the following issues:

- CVE-2021-3618: Enforced security checks against the ALPACA attack (PM-3322, jsc#SLE-23896, bsc#1187686, bsc#1187678).
- Added hardening to systemd services (bsc#1181400).

Bugfixes:

- Fixed a seccomp failure in FIPS mode when SSL was enabled (bsc#1052900).
- Allowed wait4() to be called so that the broker can wait for its child processes (bsc#1021387).
- Fixed a hang when using seccomp and syslog (bsc#971784).
- Allowed the sendto() syscall when /dev/log support is enabled (bsc#786024).
</description>
</patchinfo>