Add a PATCH_FILE to close a security hole in wu-ftpd.
Quoted from wu-ftpd group's accouncement: Due to insufficient bounds checking on directory name lengths which can be supplied by users, it is possible to overwrite the static memory space of the wu-ftpd daemon while it is executing under certain configurations. By having the ability to create directories and supplying carefully designed directory names to the wu-ftpd, users may gain privileged access. PR: 13475 Submitted by: jack@germanium.xtalwind.net
This commit is contained in:
parent
0026d832e3
commit
58ca2806f3
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=21133
@ -12,6 +12,9 @@ DISTNAME= wu-ftpd-2.5.0
|
||||
CATEGORIES= ftp
|
||||
MASTER_SITES= ftp://ftp.vr.net/pub/wu-ftpd/wu-ftpd/
|
||||
|
||||
PATCH_SITES= ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/
|
||||
PATCHFILES= mapped.path.overrun.patch
|
||||
|
||||
MAINTAINER= ache@FreeBSD.org
|
||||
|
||||
Y2K= http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html#QA35
|
||||
|
@ -1 +1,2 @@
|
||||
MD5 (wu-ftpd-2.5.0.tar.gz) = 98f9c8490e0d1ca2c3c57e60e65803b7
|
||||
MD5 (mapped.path.overrun.patch) = b01b65652eb3816f0ab11971ac52424d
|
||||
|
@ -12,6 +12,9 @@ DISTNAME= wu-ftpd-2.5.0
|
||||
CATEGORIES= ftp
|
||||
MASTER_SITES= ftp://ftp.vr.net/pub/wu-ftpd/wu-ftpd/
|
||||
|
||||
PATCH_SITES= ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/
|
||||
PATCHFILES= mapped.path.overrun.patch
|
||||
|
||||
MAINTAINER= ache@FreeBSD.org
|
||||
|
||||
Y2K= http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html#QA35
|
||||
|
@ -1 +1,2 @@
|
||||
MD5 (wu-ftpd-2.5.0.tar.gz) = 98f9c8490e0d1ca2c3c57e60e65803b7
|
||||
MD5 (mapped.path.overrun.patch) = b01b65652eb3816f0ab11971ac52424d
|
||||
|
Loading…
Reference in New Issue
Block a user