View Issue Details

IDProjectCategoryView StatusLast Update
0003311CentOS-5vsftpdpublic2009-10-17 22:48
Reporterkai Assigned To 
Status resolvedResolutionfixed 
Product Version5.2 
Fixed in Version5.4 
Summary0003311: vsftpd doesn't correctly shut down TLS connections (FTPS)
DescriptionThis is a security and an interoperability bug (see additional information links for more on both).
It appears that all Filezilla versions newer than won't work with vsftpd when using FTPS/FTPES because they error out because of the missing TLS shutdown. Error message: ECONNABORTED. This may apply to other clients over time (as they fix this) as well.
It seems that both, Filezilla and vsftpd developers, see this as a security issue. It was fixed in version 2.0.7 of vsftpd. So, this should get fixed/backported ASAP by upstream.
Additional Informationcompare:
(- Shutdown the SSL data connections properly. This prevents clients such as
recent FileZilla from complaining. Reported by various people.)
my posting on centos-users: <>
Tagsfixed in 5.4




2008-12-21 17:33

administrator   ~0008485

please fill a RFE upstream and cross-link back to here (5.3 beta still have the vsftpd-2.0.5-12.el5. version)


2008-12-21 17:38

reporter   ~0008486

I thought I can only file a bug there if I'm a RedHat Network subscriber or so? No?


2008-12-21 17:50

administrator   ~0008488

afaik, bugzilla is open to everyone to report bugs/RFE. Of course, upstream does not have to fix it and one doesn't always get solutions/support there. Neverheless the issue/RFE is at least known/public and the package maintainer is aware of the issue.


2008-12-21 18:08

reporter   ~0008489

I added a comment whatever it's worth. It would apparently need a subscriber to "ask your support representative to set the next rhel-x.y flag to "?".


2009-01-02 17:57

reporter   ~0008522

Opened a SR with upstream to backport this officially. It should be noted that there is a patch included in the bz report.

I built some RPM's against this patch and they are available here:


2009-01-03 12:48

reporter   ~0008526

I can confirm that an FTPES connect with Filezilla to the vsftpd from these rpms works.


2009-01-08 16:36

reporter   ~0008552

Per RH, this should be fixed shortly in 4.x:

And is slated to be addressed in RHEL 5.4. No idea if there will be an interim errata release for RHEL5 however...

Issue History

Date Modified Username Field Change
2008-12-21 13:46 kai New Issue
2008-12-21 17:33 tru Note Added: 0008485
2008-12-21 17:38 kai Note Added: 0008486
2008-12-21 17:50 tru Note Added: 0008488
2008-12-21 18:08 kai Note Added: 0008489
2009-01-02 17:57 rayvd Note Added: 0008522
2009-01-03 12:48 kai Note Added: 0008526
2009-01-08 16:36 rayvd Note Added: 0008552
2009-08-05 20:38 user430 Tag Attached: fixed in 5.4
2009-10-17 22:47 user430 Status new => resolved
2009-10-17 22:47 user430 Fixed in Version => 5.4
2009-10-17 22:47 user430 Resolution open => fixed