Uploaded image for project: 'Commons Net'
  1. Commons Net
  2. NET-711

Add FTP option to toggle use of return host like cURL

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.9.0
    • FTP
    • None

    Description

      Apache Commons Net's FTP client trusts the host from PASV response by default.

      The default in version 3.9.0 is now false to ignore such hosts, as cURL does.

      To restore the pre-3.9.0 behavior, either:

      • Set the new system property to org.apache.commons.net.ftp.ipAddressFromPasvResponse to true.
      • Call FTPClient#setIpAddressFromPasvResponse(true);

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-18561 CVE-2021-37533 on commons-net is included in hadoop common and hadoop-client-runtime

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Activity

            People

              Unassigned Unassigned
              ggregory Gary D. Gregory
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: