Fedora has issued an advisory on June 5: https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160110.html I believe the impetus for the update was a change in 3.11.0.1 (even though they updated to 3.11.0.2), seen here: https://filezilla-project.org/versions.php "Reject Diffie-Hellman Groups smaller than 1024 bits when using FTP over TLS to protect against the Logjam attack" Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA5TOO, MGA4TOO
Once Cauldron is reopened I'll update filezilla to 3.11.0.2 version for mga4, mga5 and Cauldron too.
Updated packages uploaded for Mageia 4, Mageia 5, and Cauldron by David. Thanks! Advisory: ======================== Updated filezilla package fixes security vulnerability: The filezilla package has been updated to version 3.11.0.2, fixing multiple bugs and one security issue, related to the LOGJAM TLS issue when using FTP. References: https://filezilla-project.org/versions.php https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160110.html ======================== Updated packages in core/updates_testing: ======================== filezilla-3.11.0.2-1.mga4 filezilla-3.11.0.2-1.mga5 from SRPMS: filezilla-3.11.0.2-1.mga4.src.rpm filezilla-3.11.0.2-1.mga5.src.rpm
CC: (none) => geiger.david68210Version: Cauldron => 5Assignee: geiger.david68210 => qa-bugsWhiteboard: MGA5TOO, MGA4TOO => MGA4TOO
MGA5-x86_64 - testing
CC: (none) => brtians1
In VirtualBox, M4, KDE, 32-bit Package(s) under test: filezilla default install of filezilla [root@localhost wilcal]# urpmi filezilla Package filezilla-3.10.2-1.mga4.i586 is already installed I can transfer files to and from an FTP server. And rename them. install filezilla from updates_testing [root@localhost wilcal]# urpmi filezilla Package filezilla-3.11.0.2-1.mga4.i586 is already installed I can transfer files to and from an FTP server. And rename them. Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.26-1.mga4.x86_64 virtualbox-guest-additions-4.3.26-1.mga4.x86_64
CC: (none) => wilcal.int
In VirtualBox, M4, KDE, 64-bit Package(s) under test: filezilla default install of filezilla [root@localhost wilcal]# urpmi filezilla Package filezilla-3.10.2-1.mga4.x86_64 is already installed I can transfer files to and from an FTP server. And rename them. install filezilla from updates_testing [root@localhost wilcal]# urpmi filezilla Package filezilla-3.11.0.2-1.mga4.x86_64 is already installed I can transfer files to and from an FTP server. And rename them. Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.26-1.mga4.x86_64 virtualbox-guest-additions-4.3.26-1.mga4.x86_64
In VirtualBox, M5, KDE, 32-bit Package(s) under test: filezilla default install of filezilla [root@localhost wilcal]# urpmi filezilla Package filezilla-3.10.2-1.mga5.i586 is already installed I can transfer files to and from an FTP server. And rename them. install filezilla from updates_testing [root@localhost wilcal]# urpmi filezilla Package filezilla-3.11.0.2-1.mga5.i586 is already installed I can transfer files to and from an FTP server. And rename them. Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.26-1.mga4.x86_64 virtualbox-guest-additions-4.3.26-1.mga4.x86_64
In VirtualBox, M5, KDE, 64-bit Package(s) under test: filezilla default install of filezilla [root@localhost wilcal]# urpmi filezilla Package filezilla-3.10.2-1.mga5.x86_64 is already installed I can transfer files to and from an FTP server. And rename them. install filezilla from updates_testing [root@localhost wilcal]# urpmi filezilla Package filezilla-3.11.0.2-1.mga5.x86_64 is already installed I can transfer files to and from an FTP server. And rename them. Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.26-1.mga4.x86_64 virtualbox-guest-additions-4.3.26-1.mga4.x86_64
Tested mga5_64, Testing complete for filezilla-3.11.0.2-1.mga5, ok for me nothing to report.
Whiteboard: MGA4TOO => MGA4TOO MGA5-64-OK
Wilcal we need to only test one arch testing until list is little bit more clear.
CC: (none) => ozkyster
adding the MGA{4,5}-{32,64}-OK keywords per the comments.
CC: (none) => shlomifWhiteboard: MGA4TOO MGA5-64-OK => MGA4TOO MGA5-32-OK MGA4-64-OK MGA4-32-OK MGA5-64-OK
Advisory committed to svn. Someone from the sysadmin team please push 16121.adv to updates for Mageia 4 and 5.
CC: (none) => davidwhodginsWhiteboard: MGA4TOO MGA5-32-OK MGA4-64-OK MGA4-32-OK MGA5-64-OK => MGA4TOO MGA5-32-OK MGA4-64-OK MGA4-32-OK MGA5-64-OK advisory
Sorry, forgot to add the validated_update keyword. Someone from the sysadmin team please push 16121.adv to updates for Mageia 4 and 5.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0260.html
Status: NEW => RESOLVEDResolution: (none) => FIXED