From owner-freebsd-security  Thu Sep  9  6:59:17 1999
Delivered-To: freebsd-security@freebsd.org
Received: from sentry.granch.ru (sentry.granch.ru [212.20.5.135])
	by hub.freebsd.org (Postfix) with ESMTP id 0E35014CCF
	for <security@FreeBSD.ORG>; Thu,  9 Sep 1999 06:59:12 -0700 (PDT)
	(envelope-from shelton@sentry.granch.ru)
Received: from localhost (IDENT:shelton@localhost.granch.ru [127.0.0.1])
	by sentry.granch.ru (8.9.3/8.9.3) with ESMTP id UAA59549;
	Thu, 9 Sep 1999 20:54:09 +0700 (NOVST)
Date: Thu, 9 Sep 1999 20:54:08 +0700 (NOVST)
From: "Rashid N. Achilov" <shelton@sentry.granch.ru>
To: Ruslan Ermilov <ru@ucb.crimea.ua>
Cc: Bill Fink <bill@billfink.com>, security@FreeBSD.ORG
Subject: Re: FTP Vulnerability
In-Reply-To: <19990909162255.A15548@relay.ucb.crimea.ua>
Message-ID: <Pine.BSF.4.10.9909092051490.59511-100000@sentry.granch.ru>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 9 Sep 1999, Ruslan Ermilov wrote:

> > I've visited the mirrors for the WUFTP site(s) looking for the versions
> > "after August 30" and there's NOTHING newer than MAY.
> > 
> The versions we are talking about refer to the FreeBSD ports collection.
> Port of wu-ftpd (/usr/ports/net/wu-ftpd) has been upgraded to apply the
> following patch:
> 
> ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/mapped.path.overrun.patch

On this site mapped.overrun... dated August,24.
In ports tree in patches subdir newest patch dated April,7 :-)

   With Best Regards.
   Rashid N. Achilov (RNA1-RIPE), Cert. ID: 28514, Granch Ltd. lead engineer
   e-mail: achilov@granch.ru, tel (383-2) 24-2363



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message