ECO kit FTP-080_A054
FTP-080_A054 - ECO kit Rev 8.0 for MultiNet 5.4A 19-Jun-2017
Copyright © 2011, 2012, 2015, 2016, 2017 Process Software, LLC
This kit updates MultiNet V5.4 Rev A with a new version of FTP.EXE,
FTP_SERVER.EXE and FTPS_CONTROLLER.EXE for MultiNet for OpenVMS.
The ranking for this ECO is 2.
The overall ranking for it is 2 (FTP-080_A054)
Included in this kit are fixes for the following :
- Correct a problem with mailboxes and logical names not being
cleaned up when using FTP over TLS. (FTP-080_A054 ECO Rank 2)
----------------------------------------------------------------------
This kit also includes the following changes from previous ECO kit:
- Improve TLS (SSL) error reporting in the FTP server.
(FTP-070_a054 ECO Rank 3)
- Correct a problem with TLS and the
MULTINET_FTP_DONT_WORRY_ABOUT_ISSUER_CERT logical.
(FTP-060_A054 ECO Rank 3)
- Correct a problem in measuring file size that would cause the FTP
Server to read the entire file no matter what mode the file was
being transferred in. When the file is large this would cause a
large delay before transferring the file.
(FTP-060_A054 ECO Rank 2)
- Disable SSLv3 for the client and server to address CVE-2014-3566
(POODLE).
(FTP-050_A054 ECO Rank 3)
- Allow the FTP client to verify TLS certificates that are signed by a
signing authority as well as self-signed certificates (which prior
versions supported). The VERIFY PEER command will enable the new
functionality; the default remains to verify the certificate as a
self-signed certificate (VERIFY SELF). This can be done from the command
line with the /TLS=PEER qualifier. In order for certificates to be
verified the certificates must be in a directory specified by the
logical SSLCERTS and the certificates must be hashed as described in
http://h71000.www7.hp.com/doc/83final/ba554_90007/ch03s01.html
If you've installed the MultiNet user commands in your system-wide
DCL command tables, you must load the updated user command tables
for MultiNet:
$ SET COMMAND /TABLE=SYS$LIBRARY:DCLTABLES.EXE -
/OUTPUT=SYS$COMMON:[SYSLIB]DCLTABLES.EXE -
MULTINET:USER.CLD
On each system where the ECO is installed, and on each node of a
cluster that shares a common system disk:
$ INSTALL REPLACE SYS$LIBRARY:DCLTABLES.EXE
All users will then need to log out and log in again, or set the
command locally by performing the following command:
$ SET COMMAND MULTINET:USER.CLD
The logical MULTINET_FTP_DONT_WORRY_ABOUT_ISSUER_CERT is defined to T,Y,
or 1 then errors getting the issuer's certificate will not cause a
failure in the TLS negotiation.
(FTP-041_A054 ECO Rank 3)
- Make the FTP_SERVER correctly report errors in renaming files.
(FTP-030_A054 DE 11230 ECO Rank 3)
- Correct the error status returned for the SIZE command for file
structured transfers, such that it will return a 550 status value when
the file does not exist.
(FTP-020_A054 DE ECO Rank 3)
- Correct a possible ACCVIO when responses to the FEAT command are very
long.
- Allow for the sending of the FEAT command after connection to be
disabled by defining the logical MULTINET_FTP_SEND_FEAT_ON_CONNECT to
False, No, or 0 (zero).
(FTP-010_A054 DE 11195 ECO Rank 2)
You do not need to reboot after installing this kit.