diff options
author | cpiazza <cpiazza@FreeBSD.org> | 1999-08-31 03:14:07 +0800 |
---|---|---|
committer | cpiazza <cpiazza@FreeBSD.org> | 1999-08-31 03:14:07 +0800 |
commit | 5da4fc457bfe10e575b7aa2f4399f375c18cc209 (patch) | |
tree | a206a0022f6cd0a080cdae05f7877e4336ea898e /ftp/wu-ftpd | |
parent | 3ad5d8a8983bad4d18954088dd855daac516c92b (diff) | |
download | freebsd-ports-gnome-5da4fc457bfe10e575b7aa2f4399f375c18cc209.tar.gz freebsd-ports-gnome-5da4fc457bfe10e575b7aa2f4399f375c18cc209.tar.zst freebsd-ports-gnome-5da4fc457bfe10e575b7aa2f4399f375c18cc209.zip |
Add a PATCH_FILE to close a security hole in wu-ftpd.
Quoted from wu-ftpd group's accouncement:
Due to insufficient bounds checking on directory name lengths which can
be supplied by users, it is possible to overwrite the static memory
space of the wu-ftpd daemon while it is executing under certain
configurations. By having the ability to create directories and
supplying carefully designed directory names to the wu-ftpd, users may
gain privileged access.
PR: 13475
Submitted by: jack@germanium.xtalwind.net
Diffstat (limited to 'ftp/wu-ftpd')
-rw-r--r-- | ftp/wu-ftpd/Makefile | 3 | ||||
-rw-r--r-- | ftp/wu-ftpd/distinfo | 1 |
2 files changed, 4 insertions, 0 deletions
diff --git a/ftp/wu-ftpd/Makefile b/ftp/wu-ftpd/Makefile index 20940b692a64..7ca3f872b7d3 100644 --- a/ftp/wu-ftpd/Makefile +++ b/ftp/wu-ftpd/Makefile @@ -12,6 +12,9 @@ DISTNAME= wu-ftpd-2.5.0 CATEGORIES= ftp MASTER_SITES= ftp://ftp.vr.net/pub/wu-ftpd/wu-ftpd/ +PATCH_SITES= ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/ +PATCHFILES= mapped.path.overrun.patch + MAINTAINER= ache@FreeBSD.org Y2K= http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html#QA35 diff --git a/ftp/wu-ftpd/distinfo b/ftp/wu-ftpd/distinfo index 213f7f23a0d8..0a187286a77d 100644 --- a/ftp/wu-ftpd/distinfo +++ b/ftp/wu-ftpd/distinfo @@ -1 +1,2 @@ MD5 (wu-ftpd-2.5.0.tar.gz) = 98f9c8490e0d1ca2c3c57e60e65803b7 +MD5 (mapped.path.overrun.patch) = b01b65652eb3816f0ab11971ac52424d |