diff options
| author | cpiazza <cpiazza@FreeBSD.org> | 1999-08-30 19:14:07 +0000 |
|---|---|---|
| committer | cpiazza <cpiazza@FreeBSD.org> | 1999-08-30 19:14:07 +0000 |
| commit | 5da4fc457bfe10e575b7aa2f4399f375c18cc209 (patch) | |
| tree | a206a0022f6cd0a080cdae05f7877e4336ea898e /ftp/wu-ftpd+ipv6 | |
| parent | 3ad5d8a8983bad4d18954088dd855daac516c92b (diff) | |
| download | FreeBSD-ports-5da4fc457bfe10e575b7aa2f4399f375c18cc209.zip FreeBSD-ports-5da4fc457bfe10e575b7aa2f4399f375c18cc209.tar.gz | |
Add a PATCH_FILE to close a security hole in wu-ftpd.
Quoted from wu-ftpd group's accouncement:
Due to insufficient bounds checking on directory name lengths which can
be supplied by users, it is possible to overwrite the static memory
space of the wu-ftpd daemon while it is executing under certain
configurations. By having the ability to create directories and
supplying carefully designed directory names to the wu-ftpd, users may
gain privileged access.
PR: 13475
Submitted by: jack@germanium.xtalwind.net
Diffstat (limited to 'ftp/wu-ftpd+ipv6')
| -rw-r--r-- | ftp/wu-ftpd+ipv6/Makefile | 3 | ||||
| -rw-r--r-- | ftp/wu-ftpd+ipv6/distinfo | 1 |
2 files changed, 4 insertions, 0 deletions
diff --git a/ftp/wu-ftpd+ipv6/Makefile b/ftp/wu-ftpd+ipv6/Makefile index 20940b6..7ca3f87 100644 --- a/ftp/wu-ftpd+ipv6/Makefile +++ b/ftp/wu-ftpd+ipv6/Makefile @@ -12,6 +12,9 @@ DISTNAME= wu-ftpd-2.5.0 CATEGORIES= ftp MASTER_SITES= ftp://ftp.vr.net/pub/wu-ftpd/wu-ftpd/ +PATCH_SITES= ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/ +PATCHFILES= mapped.path.overrun.patch + MAINTAINER= ache@FreeBSD.org Y2K= http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html#QA35 diff --git a/ftp/wu-ftpd+ipv6/distinfo b/ftp/wu-ftpd+ipv6/distinfo index 213f7f2..0a18728 100644 --- a/ftp/wu-ftpd+ipv6/distinfo +++ b/ftp/wu-ftpd+ipv6/distinfo @@ -1 +1,2 @@ MD5 (wu-ftpd-2.5.0.tar.gz) = 98f9c8490e0d1ca2c3c57e60e65803b7 +MD5 (mapped.path.overrun.patch) = b01b65652eb3816f0ab11971ac52424d |
