tags 454733 + patch
thanks

Hi,
attached is a patch for an NMU which fixes the described 
security issue.
It will also be archived at:
http://people.debian.org/~nion/nmu-diff/linux-ftpd-ssl-0.17.18+0.3-9_0.17.18+0.3-9.1.patch

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
--- linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
+++ linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
@@ -1729,7 +1729,7 @@
 static FILE * dataconn(const char *name, off_t size, const char *mode, int stou)
 {
 	char sizebuf[32];
-	FILE *file;
+	FILE *file = NULL;
 	int retry = 0, tos;
 
 	file_size = size;
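Review bot: The new `= NULL` initializer on `file` has no comment saying that a later error path depends on it, so a future cleanup could drop it as a redundant assignment. A one-line comment at the declaration, for example noting that `file` may still be unset when the SSL setup fails, would document the invariant that the `file != NULL` check in the next hunk relies on.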
@@ -1822,7 +1822,10 @@
 				    ERR_error_string(ERR_get_error(),NULL));
 			perror_reply(425, errbuf);
 			/* abort time methinks ... */
-			fclose(file);
+			if(file != NULL){
+				fclose(file);
+				file = NULL;
+			}
 			return NULL;
 		    } else {
 			if (ssl_debug_flag) {
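Review bot: The `file = NULL;` assignment inside the new guard is a dead store, because `file` is a local of `dataconn()` and the very next statement is `return NULL;`; it can be dropped. The guard is also written `if(file != NULL){`, while the surrounding code uses `if (ssl_debug_flag) {`, so the spacing should be matched to the file's style. With the guard in place, this branch does no cleanup at all when `file` is NULL, so it is worth confirming that nothing else opened for the data connection needs to be released before returning.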
diff -u linux-ftpd-ssl-0.17.18+0.3/debian/changelog linux-ftpd-ssl-0.17.18+0.3/debian/changelog
--- linux-ftpd-ssl-0.17.18+0.3/debian/changelog
+++ linux-ftpd-ssl-0.17.18+0.3/debian/changelog
@@ -1,3 +1,13 @@
+linux-ftpd-ssl (0.17.18+0.3-9.1) unstable; urgency=high
+
+  * Non-maintainer upload by the testing-security team.
+  * Fix remote denial of service cause by passing an
+    uninitialized file stream to fopen().Initializing file
+    with NULL and checking for NULL before calling fclose()
+    fixes this (CVE-2007-6263; Closes: #454733).
+
+ -- Nico Golde <[EMAIL PROTECTED]>  Mon, 10 Dec 2007 18:34:40 +0100
+
 linux-ftpd-ssl (0.17.18+0.3-9) unstable; urgency=low
 
    * debian/postrm: invoke update-inetd if it is present.
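Review bot: The changelog entry says the uninitialized stream is passed to `fopen()`, but the code change in `ftpd.c` guards a call to `fclose()`, and the same entry goes on to describe checking for NULL before `fclose()`. The first mention should read `fclose()` so the entry matches the fix. While editing, "cause by" should be "caused by" and a space is missing after the period in "fopen().Initializing".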
