Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 9 Sep 1999 16:58:34 +0200
From:      Udo Schweigert <ust@cert.siemens.de>
To:        "Rashid N. Achilov" <shelton@sentry.granch.ru>
Cc:        Ruslan Ermilov <ru@ucb.crimea.ua>, Bill Fink <bill@billfink.com>, security@FreeBSD.ORG
Subject:   Re: FTP Vulnerability
Message-ID:  <19990909165834.A51466@alaska.cert.siemens.de>
In-Reply-To: <Pine.BSF.4.10.9909092051490.59511-100000@sentry.granch.ru>
References:  <19990909162255.A15548@relay.ucb.crimea.ua> <Pine.BSF.4.10.9909092051490.59511-100000@sentry.granch.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Sep 09, 1999 at 08:54:08PM +0700, Rashid N. Achilov wrote:
> On Thu, 9 Sep 1999, Ruslan Ermilov wrote:
> 
> > > I've visited the mirrors for the WUFTP site(s) looking for the versions
> > > "after August 30" and there's NOTHING newer than MAY.
> > > 
> > The versions we are talking about refer to the FreeBSD ports collection.
> > Port of wu-ftpd (/usr/ports/net/wu-ftpd) has been upgraded to apply the
> > following patch:
> > 
> > ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/mapped.path.overrun.patch
> 
> On this site mapped.overrun... dated August,24.
> In ports tree in patches subdir newest patch dated April,7 :-)
> 

That's OK, because the patch will be downloaded when doing the "make". 

Makefile contains:

PATCH_SITES=    ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/
PATCHFILES=     \
                data-limit.patch \
                deny.not.nameserved.patch \
                mapped.path.overrun.patch \
                not.in.class.patch \
                rfc931.timeout.patch

Regards
-------------------------------------------------------------------------------
Udo Schweigert              || Voice      : +49 89 636 42170
Siemens AG, Siemens CERT    || Fax        : +49 89 636 48000
ZT IK 3                     || email      : Udo.Schweigert@mchp.siemens.de
D-81730 Muenchen / Germany  ||            : ust@cert.siemens.de
PGP fingerprint             || 2A 53 F6 A6 30 59 64 02  6B C4 E0 73 B2 C9 6C E7
-------------------------------------------------------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990909165834.A51466>