Date: Thu, 9 Sep 1999 16:58:34 +0200 From: Udo Schweigert <ust@cert.siemens.de> To: "Rashid N. Achilov" <shelton@sentry.granch.ru> Cc: Ruslan Ermilov <ru@ucb.crimea.ua>, Bill Fink <bill@billfink.com>, security@FreeBSD.ORG Subject: Re: FTP Vulnerability Message-ID: <19990909165834.A51466@alaska.cert.siemens.de> In-Reply-To: <Pine.BSF.4.10.9909092051490.59511-100000@sentry.granch.ru> References: <19990909162255.A15548@relay.ucb.crimea.ua> <Pine.BSF.4.10.9909092051490.59511-100000@sentry.granch.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 09, 1999 at 08:54:08PM +0700, Rashid N. Achilov wrote: > On Thu, 9 Sep 1999, Ruslan Ermilov wrote: > > > > I've visited the mirrors for the WUFTP site(s) looking for the versions > > > "after August 30" and there's NOTHING newer than MAY. > > > > > The versions we are talking about refer to the FreeBSD ports collection. > > Port of wu-ftpd (/usr/ports/net/wu-ftpd) has been upgraded to apply the > > following patch: > > > > ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/mapped.path.overrun.patch > > On this site mapped.overrun... dated August,24. > In ports tree in patches subdir newest patch dated April,7 :-) > That's OK, because the patch will be downloaded when doing the "make". Makefile contains: PATCH_SITES= ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/ PATCHFILES= \ data-limit.patch \ deny.not.nameserved.patch \ mapped.path.overrun.patch \ not.in.class.patch \ rfc931.timeout.patch Regards ------------------------------------------------------------------------------- Udo Schweigert || Voice : +49 89 636 42170 Siemens AG, Siemens CERT || Fax : +49 89 636 48000 ZT IK 3 || email : Udo.Schweigert@mchp.siemens.de D-81730 Muenchen / Germany || : ust@cert.siemens.de PGP fingerprint || 2A 53 F6 A6 30 59 64 02 6B C4 E0 73 B2 C9 6C E7 ------------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990909165834.A51466>