Fix a root exploit: http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html How-To-Repeat: See above URL.
State Changed From-To: open->feedback Awaiting maintainers feedback
Sorry, forgot to put reference to original patch at NetBSD pgksrc: http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/net/tnftpd/patches/patch-aa Serg.
Edwin Groothuis wrote (2006/12/11): > Maintainer of ftp/tnftpd, > Please note that PR ports/106594 has just been submitted. > If it contains a patch for an upgrade, an enhancement or a bug fix > you agree on, reply to this email stating that you approve the patch > and a committer will take care of it. > > The full text of the PR can be found at: > http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/106594 Hello, yes, please commit it and close the PR, so that there is a version, which is believed that fixes tnftpd-20040810. I hope that I will prepare patches for tnftpd upgrade from 20040810 to 20061204, so that both the problem is fixed and there is a new version of tnftpd. Thanks. -- Rudolf Cejka <cejkar at fit.vutbr.cz> http://www.fit.vutbr.cz/~cejkar Brno University of Technology, Faculty of Information Technology Bozetechova 2, 612 66 Brno, Czech Republic
Responsible Changed From-To: freebsd-ports-bugs->miwi I'll take it.
miwi 2006-12-13 07:21:34 UTC FreeBSD ports repository Modified files: ftp/tnftpd Makefile Added files: ftp/tnftpd/files patch-libnetbsd-glob.c Log: - Fix root exploid PR: ports/106594 Submitted by: Sergey N. Voronkov <serg@tmn.ru> Approved by: maintainer Security: http://www.vuxml.org/freebsd/e969e6cb-8911-11db-9d01-0016179b2dd5.html Revision Changes Path 1.10 +1 -0 ports/ftp/tnftpd/Makefile 1.1 +12 -0 ports/ftp/tnftpd/files/patch-libnetbsd-glob.c (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: feedback->closed Committed. Thanks!