Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 8 Mar 2011 23:06:36 GMT
From:      Zhihao Yuan <lichray@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/155386: ftp/pure-ftpd updated with a STARTTLS flaw fixed
Message-ID:  <201103082306.p28N6aku035469@red.freebsd.org>
Resent-Message-ID: <201103082310.p28NA6O0096063@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         155386
>Category:       ports
>Synopsis:       ftp/pure-ftpd updated with a STARTTLS flaw fixed
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 08 23:10:06 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Zhihao Yuan
>Release:        FreeBSD 8.2-STABLE
>Organization:
Northern Illinois University
>Environment:
FreeBSD compaq.yuetime 8.2-STABLE FreeBSD 8.2-STABLE #0: Tue Mar  8 01:53:40 CST 2011     root@compaq.yuetime:/usr/obj/usr/src/sys/HOUKAGO  amd64
>Description:
Pure-FTPd 1.0.30 has been released.
http://www.pureftpd.org/project/pure-ftpd/news
Note this: 
 * Fix a STARTTLS flaw similar to Postfix’s CVE-2011-0411. If you’re using TLS, upgrading is recommended.
>How-To-Repeat:

>Fix:
Just updated it to the latest release.

Patch attached with submission follows:

diff -rupN pure-ftpd.orig/Makefile pure-ftpd/Makefile
--- pure-ftpd.orig/Makefile	2011-03-08 16:58:47.404514232 -0600
+++ pure-ftpd/Makefile	2011-03-08 16:55:13.652067727 -0600
@@ -6,8 +6,8 @@
 #
 
 PORTNAME=	pure-ftpd
-PORTVERSION=	1.0.29
-PORTREVISION=	1
+PORTVERSION=	1.0.30
+#PORTREVISION=	1
 CATEGORIES=	ftp ipv6
 MASTER_SITES=	http://download.pureftpd.org/pub/pure-ftpd/releases/ \
 		ftp://ftp.pureftpd.org/pub/pure-ftpd/releases/ \
diff -rupN pure-ftpd.orig/distinfo pure-ftpd/distinfo
--- pure-ftpd.orig/distinfo	2011-03-08 16:58:47.404514232 -0600
+++ pure-ftpd/distinfo	2011-03-08 16:57:38.391767247 -0600
@@ -1,2 +1,2 @@
-SHA256 (pure-ftpd-1.0.29.tar.bz2) = b9217802d2674c0471fc43004565d4630e0938ca8530c3a1b73361d405259f5f
-SIZE (pure-ftpd-1.0.29.tar.bz2) = 466867
+SHA256 (pure-ftpd-1.0.30.tar.bz2) = 9b85cf5f6290f6cbed18ede22862922a8701c691abee78b15e9aa40da63de0fe
+SIZE (pure-ftpd-1.0.30.tar.bz2) = 475402


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201103082306.p28N6aku035469>