Date: Tue, 8 Mar 2011 23:06:36 GMT From: Zhihao Yuan <lichray@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/155386: ftp/pure-ftpd updated with a STARTTLS flaw fixed Message-ID: <201103082306.p28N6aku035469@red.freebsd.org> Resent-Message-ID: <201103082310.p28NA6O0096063@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 155386 >Category: ports >Synopsis: ftp/pure-ftpd updated with a STARTTLS flaw fixed >Confidential: no >Severity: non-critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Mar 08 23:10:06 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Zhihao Yuan >Release: FreeBSD 8.2-STABLE >Organization: Northern Illinois University >Environment: FreeBSD compaq.yuetime 8.2-STABLE FreeBSD 8.2-STABLE #0: Tue Mar 8 01:53:40 CST 2011 root@compaq.yuetime:/usr/obj/usr/src/sys/HOUKAGO amd64 >Description: Pure-FTPd 1.0.30 has been released. http://www.pureftpd.org/project/pure-ftpd/news Note this: * Fix a STARTTLS flaw similar to Postfix’s CVE-2011-0411. If you’re using TLS, upgrading is recommended. >How-To-Repeat: >Fix: Just updated it to the latest release. Patch attached with submission follows: diff -rupN pure-ftpd.orig/Makefile pure-ftpd/Makefile --- pure-ftpd.orig/Makefile 2011-03-08 16:58:47.404514232 -0600 +++ pure-ftpd/Makefile 2011-03-08 16:55:13.652067727 -0600 @@ -6,8 +6,8 @@ # PORTNAME= pure-ftpd -PORTVERSION= 1.0.29 -PORTREVISION= 1 +PORTVERSION= 1.0.30 +#PORTREVISION= 1 CATEGORIES= ftp ipv6 MASTER_SITES= http://download.pureftpd.org/pub/pure-ftpd/releases/ \ ftp://ftp.pureftpd.org/pub/pure-ftpd/releases/ \ diff -rupN pure-ftpd.orig/distinfo pure-ftpd/distinfo --- pure-ftpd.orig/distinfo 2011-03-08 16:58:47.404514232 -0600 +++ pure-ftpd/distinfo 2011-03-08 16:57:38.391767247 -0600 @@ -1,2 +1,2 @@ -SHA256 (pure-ftpd-1.0.29.tar.bz2) = b9217802d2674c0471fc43004565d4630e0938ca8530c3a1b73361d405259f5f -SIZE (pure-ftpd-1.0.29.tar.bz2) = 466867 +SHA256 (pure-ftpd-1.0.30.tar.bz2) = 9b85cf5f6290f6cbed18ede22862922a8701c691abee78b15e9aa40da63de0fe +SIZE (pure-ftpd-1.0.30.tar.bz2) = 475402 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201103082306.p28N6aku035469>