From owner-freebsd-security  Wed Oct 20 19:14: 5 1999
Delivered-To: freebsd-security@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 758)
	id 039C414E6C; Wed, 20 Oct 1999 19:14:03 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by hub.freebsd.org (Postfix) with ESMTP
	id E61421CD43B; Wed, 20 Oct 1999 19:14:03 -0700 (PDT)
	(envelope-from kris@hub.freebsd.org)
Date: Wed, 20 Oct 1999 19:14:03 -0700 (PDT)
From: Kris Kennaway <kris@hub.freebsd.org>
To: Michael Bryan <fbsd-security@ursine.com>
Cc: freebsd-security@FreeBSD.ORG, ache@freebsd.org
Subject: Re: CERT CA-99.13
In-Reply-To: <199910201822360100.19F76012@quaggy.ursine.com>
Message-ID: <Pine.BSF.4.10.9910201912350.80018-100000@hub.freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Wed, 20 Oct 1999, Michael Bryan wrote:

> That does not cover the latest CERT notice.  There have been
> additional vulnerabilities found in all versions of wu-ftpd
> prior to 2.6.0, which was just released.  The most recent
> CERT notice describes three vulnerabilities, only one of
> which is addressed in the FreeBSD advisory.

I wasn't aware there had been another advisory released - you'll have to
contact the port maintainer (ache@FreeBSD.org, CC'ed) about the status of
these holes - there have been so many I can't keep up any more :-)

Kris



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message