Date: Wed, 15 Sep 1999 20:27:36 -0600 From: Warner Losh <imp@village.org> To: "Kelsey Cummings" <kc@neteze.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Vulnerabilities in wu-ftpd and proftpd (J-068) Message-ID: <199909160227.UAA17782@harmony.village.org> In-Reply-To: Your message of "Wed, 15 Sep 1999 14:17:59 PDT." <0e6f01beffbf$c991bb00$33f9c9d0@neteze.com> References: <0e6f01beffbf$c991bb00$33f9c9d0@neteze.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- In message <0e6f01beffbf$c991bb00$33f9c9d0@neteze.com> "Kelsey Cummings" writes: : Is checking out the lastest verision of wu-ftpd (wu-ftpd-2.4.2-vr17?) from : the ports collection (cvs co wu-ftpd) fix this vulnerablity, I'm relatively : new to this and it wasn't clear in the bulitin what versions were affected, : only that those previous to August 30, 1999 are. Thanks. proftpd is still broken. Don't use it. If you build the wu-ftpd port checked out after August 30, 1999 then you are safe. Otherwise you likely aren't. Many old versions of wu-ftpd are vulnerable. The exact details are available at ftp://ftp.wu-ftpd.org/pub/wu-ftpd/2.5.0.Security.Update.asc Warner Losh FreeBSD Security Officer -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBN+BVj1UuHi5z0oilAQESGwP8CQNDDGvI60pwG/On0tHluPU6GpwFkEVx QpEFbejj2FYbYi8oFqsh7h+eRIqJM0pLDI1TEEOhn0WNZ7u9PmJGClII0qFP9fPK MukYUkfvatk2NABE5QhupTu3uzhoxYfEcftChD0HCAmv/ARud2BFVaat87gxGXwL 3Nz8RTpa63Q= =6sJu -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909160227.UAA17782>