Date: Fri, 19 Mar 1999 23:10:53 +0100 From: Ollivier Robert <roberto@keltia.freenix.fr> To: freebsd-security@FreeBSD.ORG Subject: Re: 3.1-RELEASE Message-ID: <19990319231053.A13596@keltia.freenix.fr> In-Reply-To: <Pine.SOL.3.96L.990319134429.7811A-100000@unix13.andrew.cmu.edu>; from Harry M. Leitzell on Fri, Mar 19, 1999 at 01:49:20PM -0500 References: <Pine.SOL.3.96L.990319134429.7811A-100000@unix13.andrew.cmu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
According to Harry M. Leitzell: > to install an ftp daemon, I ended up using the ports to install proftpd. > The only problem with this is that the ports collection installed pre1 > which has a known buffer overflow in it. Maybe I am wrong in assuming Look in the directory patches in /usr/ports/net/proftpd. You'll notice that a patch was added to close this hole. ---------------------------- revision 1.7 date: 1999/02/12 21:55:04; author: obrien; state: Exp; lines: +5 -1 add buffer overflow vulnerability reduction patch Submitted by: Michael <mharo@area51.fremont.ca.us> ---------------------------- So the package you have is immune. I sent a diff to upgrade the port to pre2 but the package maintainer has an invalid address... -- Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 4.0-CURRENT #70: Sat Feb 27 09:43:08 CET 1999 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990319231053.A13596>