Your message dated Sat, 05 Sep 2015 14:33:54 +0100
with message-id <[email protected]>
and subject line Closing bugs for 7.9
has caused the Debian Bug report #790692,
regarding wheezy-pu: package ftpd-ssl/0.17.33+0.3-1+deb7u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
790692: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790692
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: wheezy
User: [email protected]
Usertags: pu
Hello all,
I would like to proceed with an update also to
oldstable/wheezy of the SSL-enhanced FTP server
built from linux-ftpd-ssl. It deals with the
same denial of service as was established in
the report #788331, and the remedy is identical
to the one applied to testing as well has been
queued for jessie-pu. The relevant debdiff is
herewith attached.
Best regards,
Mats Erik Andersson, present maintainer of linux-ftpd-ssl.
diff -Nru linux-ftpd-ssl-0.17.33+0.3/debian/changelog
linux-ftpd-ssl-0.17.33+0.3/debian/changelog
--- linux-ftpd-ssl-0.17.33+0.3/debian/changelog 2011-04-20 03:47:23.000000000
+0200
+++ linux-ftpd-ssl-0.17.33+0.3/debian/changelog 2015-06-30 01:04:24.000000000
+0200
@@ -1,3 +1,11 @@
+linux-ftpd-ssl (0.17.33+0.3-1+deb7u1) wheezy; urgency=medium
+
+ * QA Upload
+ * NLST of empty directory results in segfault. (Closes: #788331)
+ + debian/patches/500-ssl.diff: Updated.
+
+ -- Mats Erik Andersson <[email protected]> Tue, 30 Jun 2015
01:04:03 +0200
+
linux-ftpd-ssl (0.17.33+0.3-1) unstable; urgency=low
* Update to linux-ftpd 0.17-33.
diff -Nru linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff
linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff
--- linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff 2011-04-20
03:47:23.000000000 +0200
+++ linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff 2015-06-16
13:46:42.000000000 +0200
@@ -3,7 +3,7 @@
Origin:
ftp://ftp.uni-mainz.de/pub/software/security/ssl/SSL-MZapps/linux-ftpd-0.17+ssl-0.3.diff.gz
Forwarded: not-needed
Author: Tim Hudson <[email protected]>
-Last-Update: 2010-06-21
+Last-Update: 2015-06-11
Index: linux-ftpd-ssl/ftpd/Makefile
===================================================================
@@ -917,10 +917,12 @@
byte_count += strlen(nbuf) + 1;
}
}
-@@ -2705,6 +3193,13 @@
+@@ -2704,8 +3193,16 @@
+ reply(226, "Transfer complete.");
transflag = 0;
- if (dout != NULL)
+- if (dout != NULL)
++ if (dout != NULL) {
+#ifdef USE_SSL
+ if (ssl_data_active_flag && (ssl_data_con!=NULL)) {
+ SSL_free(ssl_data_con);
@@ -929,8 +931,10 @@
+ }
+#endif /* USE_SSL */
(void) fclose(dout);
++ }
data = -1;
pdata = -1;
+ out:
@@ -2792,3 +3287,223 @@
}
#endif /* TCPWRAPPERS */
--- End Message ---
--- Begin Message ---
Version: 7.9
Hi,
These bugs relate to updates which were included in the 7.9 point
release.
Regards,
Adam
--- End Message ---
