Bug 70624 - Security update to latest tnftpd-20040810
Summary: Security update to latest tnftpd-20040810
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-08-18 18:20 UTC by Rudolf Čejka
Modified: 2004-08-19 15:26 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Rudolf Čejka 2004-08-18 18:20:13 UTC 
 
 There is a patch for update to tnftpd 20040810, which contains latest
 security fixes
 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc
 
 # cd /usr/ports/ftp/tnftpd
 # patch < tnftpd.diff
 
 -- tnftpd.diff begin --
 diff -urN ../tnftpd.orig/Makefile ./Makefile
 --- ../tnftpd.orig/Makefile	Mon May 24 10:20:57 2004
 +++ ./Makefile	Wed Aug 18 15:38:10 2004
 @@ -6,8 +6,7 @@
  #
  
  PORTNAME=	tnftpd
 -PORTVERSION=	20031217
 -PORTREVISION=	1
 +PORTVERSION=	20040810
  CATEGORIES=	ftp ipv6
  MASTER_SITES=	ftp://ftp.netbsd.org/pub/NetBSD/misc/tnftp/
  
 diff -urN ../tnftpd.orig/distinfo ./distinfo
 --- ../tnftpd.orig/distinfo	Fri Mar 19 11:59:38 2004
 +++ ./distinfo	Wed Aug 18 15:39:50 2004
 @@ -1,2 +1,2 @@
 -MD5 (tnftpd-20031217.tar.gz) = b33d184b49bf5335cc59c2827f4c71aa
 -SIZE (tnftpd-20031217.tar.gz) = 177483
 +MD5 (tnftpd-20040810.tar.gz) = a51e89237973db43ae3fd0bb448e9ae4
 +SIZE (tnftpd-20040810.tar.gz) = 178638
 diff -urN ../tnftpd.orig/files/patch-configure ./files/patch-configure
 --- ../tnftpd.orig/files/patch-configure	Mon May 17 14:47:28 2004
 +++ ./files/patch-configure	Wed Aug 18 15:44:22 2004
 @@ -1,6 +1,6 @@
  --- configure.orig	Mon May 17 14:46:54 2004
  +++ configure	Mon May 17 14:47:14 2004
 -@@ -2423,6 +2423,7 @@
 +@@ -2434,6 +2434,7 @@
     cat > conftest.$ac_ext <<EOF
   #line 2425 "configure"
   #include "confdefs.h"
 diff -urN ../tnftpd.orig/files/patch-src-Makefile.in ./files/patch-src-Makefile.in
 --- ../tnftpd.orig/files/patch-src-Makefile.in	Fri Jan 23 23:51:48 2004
 +++ ./files/patch-src-Makefile.in	Wed Aug 18 16:36:34 2004
 @@ -1,6 +1,6 @@
  --- src/Makefile.in-orig	Mon Feb 17 22:57:18 2003
  +++ src/Makefile.in	Mon Feb 17 22:57:48 2003
 -@@ -22,8 +22,7 @@
 +@@ -23,8 +23,7 @@
   INSTALL	= @INSTALL@
   
   PROG	= tnftpd
 diff -urN ../tnftpd.orig/files/patch-src-ftpd.c ./files/patch-src-ftpd.c
 --- ../tnftpd.orig/files/patch-src-ftpd.c	Wed Feb  4 14:51:38 2004
 +++ ./files/patch-src-ftpd.c	Wed Aug 18 17:27:31 2004
 @@ -1,20 +1,17 @@
 ---- src/ftpd.c-orig	Tue Feb  3 18:16:46 2004
 -+++ src/ftpd.c	Tue Feb  3 18:19:26 2004
 -@@ -436,6 +436,7 @@
 - 	if (EMPTYSTR(confdir))
 - 		confdir = _DEFAULT_CONFDIR;
 - 
 -+#ifdef _SC_LOGIN_NAME_MAX
 - 	errno = 0;
 - 	l = sysconf(_SC_LOGIN_NAME_MAX);
 - 	if (l == -1 && errno != 0) {
 -@@ -446,6 +447,9 @@
 - 		curname_len = _POSIX_LOGIN_NAME_MAX;
 +--- src/ftpd.c-orig	Wed Aug 18 17:22:30 2004
 ++++ src/ftpd.c	Wed Aug 18 17:27:28 2004
 +@@ -450,12 +450,12 @@
 + 		exit(1);
 + 	} else if (l <= 0) {
 + 		syslog(LOG_WARNING, "using conservative LOGIN_NAME_MAX value");
 +-		curname_len = _POSIX_LOGIN_NAME_MAX;
 ++		curname_len = LOGIN_NAME_MAX;
   	} else 
   		curname_len = (size_t)l;
 -+#else
 + #else
 + 	/* using conservative LOGIN_NAME_MAX value */
 +-	curname_len = _POSIX_LOGIN_NAME_MAX;
  +	curname_len = LOGIN_NAME_MAX;
 -+#endif
 + #endif
   	curname = malloc(curname_len);
   	if (curname == NULL) {
 - 		syslog(LOG_ERR, "malloc: %m");
 diff -urN ../tnftpd.orig/files/patch-src-logutmp.c ./files/patch-src-logutmp.c
 --- ../tnftpd.orig/files/patch-src-logutmp.c	Wed Feb  4 14:51:38 2004
 +++ ./files/patch-src-logutmp.c	Wed Aug 18 16:37:46 2004
 @@ -1,6 +1,6 @@
  --- src/logutmp.c-orig	Thu Jan 29 15:43:57 2004
  +++ src/logutmp.c	Thu Jan 29 15:44:33 2004
 -@@ -60,13 +60,13 @@
 +@@ -59,13 +59,13 @@
   #include <stdio.h>
   #include <stdlib.h>
   #include <string.h>
 diff -urN ../tnftpd.orig/files/patch-src-logwtmp.c ./files/patch-src-logwtmp.c
 --- ../tnftpd.orig/files/patch-src-logwtmp.c	Wed Aug 11 10:52:49 2004
 +++ ./files/patch-src-logwtmp.c	Wed Aug 18 16:45:05 2004
 @@ -11,10 +11,10 @@
   
   #include <fcntl.h>
  +#include <netdb.h>
 - #include <setjmp.h>
   #include <signal.h>
   #include <stdio.h>
 -@@ -57,7 +59,6 @@
 + #include <string.h>
 +@@ -56,7 +58,6 @@
   #ifdef SUPPORT_UTMPX
   #include <utmpx.h>
   #endif
 @@ -22,7 +22,7 @@
   
   #ifdef KERBEROS5
   #include <krb5/krb5.h>
 -@@ -80,6 +81,26 @@
 +@@ -79,6 +80,26 @@
   {
   	struct utmp ut;
   	struct stat buf;
 diff -urN ../tnftpd.orig/files/patch-tnftpd.h ./files/patch-tnftpd.h
 --- ../tnftpd.orig/files/patch-tnftpd.h	Wed Feb  4 14:51:38 2004
 +++ ./files/patch-tnftpd.h	Wed Aug 18 17:26:54 2004
 @@ -1,12 +1,12 @@
  --- tnftpd.h-orig	Wed Dec 17 02:43:41 2003
  +++ tnftpd.h	Tue Feb  3 18:14:15 2004
 -@@ -429,5 +429,9 @@
 +@@ -426,5 +426,9 @@
   #define TM_YEAR_BASE	1900
   
   #if ! defined(LOGIN_NAME_MAX)
  +#if defined(MAXLOGNAME)
  +# define LOGIN_NAME_MAX MAXLOGNAME
 -+#elif ! defined(LOGIN_NAME_MAX)
 ++#else
   # define LOGIN_NAME_MAX (9)
  +#endif
   #endif
 -- tnftpd.diff end --
Comment 1 Volker Stolz freebsd_committer freebsd_triage 2004-08-19 15:25:33 UTC 
State Changed
From-To: open->closed

Committed, thanks!