Bug 155386

Summary: ftp/pure-ftpd updated with a STARTTLS flaw fixed
Product: Ports & Packages Reporter: lichray
Component: Individual Port(s)Assignee: Renato Botelho <garga>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description lichray 2011-03-08 23:10:06 UTC
Pure-FTPd 1.0.30 has been released.
http://www.pureftpd.org/project/pure-ftpd/news
Note this: 
 * Fix a STARTTLS flaw similar to Postfixs CVE-2011-0411. If youre using TLS, upgrading is recommended.

Fix: Just updated it to the latest release.

Patch attached with submission follows:
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2011-03-08 23:10:16 UTC
Responsible Changed
From-To: freebsd-ports-bugs->garga

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 lichray 2011-04-14 08:19:53 UTC
Excuse me? It's already a timeout...

-- 
Zhihao Yuan
The best way to predict the future is to invent it.
Comment 3 dfilter service freebsd_committer freebsd_triage 2011-05-10 14:50:32 UTC
garga       2011-05-10 13:50:23 UTC

  FreeBSD ports repository

  Modified files:
    ftp/pure-ftpd        Makefile distinfo 
  Log:
  - Update to 1.0.32
  
  PR:             ports/155386
  Submitted by:   Zhihao Yuan <lichray@gmail.com>
  Security:       CVE-2011-1575
  
  Revision  Changes    Path
  1.77      +1 -2      ports/ftp/pure-ftpd/Makefile
  1.50      +2 -2      ports/ftp/pure-ftpd/distinfo
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 4 Renato Botelho freebsd_committer freebsd_triage 2011-05-10 14:52:41 UTC
State Changed
From-To: open->closed

Committed. Thanks!