OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Thomas Lotterer
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src openpkg-web          Date:   17-Oct-2003 11:33:52
  Branch: OPENPKG_1_3_SOLID HEAD           Handle: 2003101710335101

  Modified files:
    openpkg-web             news.txt
  Modified files:           (Branch: OPENPKG_1_3_SOLID)
    openpkg-src/proftpd     proftpd.patch proftpd.spec

  Log:
    Segfault could not be reproduced on FreeBSD 4.9, 5.1, RedHat 9, Debian
    2.2, 3.0, Solaris 9 (iX86); Solaris 8, 9 (SPARC64) but update anyway
    as a safety precaution

  Summary:
    Revision    Changes     Path
    1.2.2.2.2.2 +37 -0      openpkg-src/proftpd/proftpd.patch
    1.42.2.4.2.3+1  -1      openpkg-src/proftpd/proftpd.spec
    1.7034      +1  -0      openpkg-web/news.txt
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/proftpd/proftpd.patch
  ============================================================================
  $ cvs diff -u -r1.2.2.2.2.1 -r1.2.2.2.2.2 proftpd.patch
  --- openpkg-src/proftpd/proftpd.patch 24 Sep 2003 07:16:02 -0000      1.2.2.2.2.1
  +++ openpkg-src/proftpd/proftpd.patch 17 Oct 2003 09:33:52 -0000      1.2.2.2.2.2
  @@ -171,3 +171,40 @@
    }
    
    /*
  +
  +It looks like Proftpd versions 1.2.7p and 1.2.8p at least
  +(the versions patched for the ISS ASCII transfer buffer overflow
  +vulnerability) are vulnerable to some kind of buffer overflow:
  +
  +    http://bugs.proftpd.org/show_bug.cgi?id=2190
  +    http://bugs.proftpd.org/show_bug.cgi?id=2194
  +
  +--- src/data.c.orig  2003-10-16 17:42:39.000000000 +0200
  ++++ src/data.c       2003-10-16 17:46:55.000000000 +0200
  +@@ -154,15 +154,9 @@
  +     memmove(copy_buf, tmpbuf, tmplen);
  + 
  +     /* Allocate a new session.xfer.buf of the needed size. */
  +-    session.xfer.bufsize = tmplen + lfcount;
  ++    session.xfer.bufsize = tmplen + lfcount + 1;
  +     session.xfer.buf = pcalloc(session.xfer.p, session.xfer.bufsize);
  + 
  +-    /* Allow space for a CR to be inserted before an LF if an LF is the
  +-     * first character in the buffer.
  +-     */
  +-    session.xfer.buf++;
  +-    session.xfer.bufstart = session.xfer.buf;
  +-
  +     memmove(session.xfer.buf, copy_buf, tmplen);
  +     destroy_pool(copy_pool);
  + 
  +@@ -194,8 +188,6 @@
  +     }
  +   }
  + 
  +-  /* Always make sure the buffer is NUL-terminated. */
  +-  tmpbuf[tmplen + added] = '\0';
  +   *buf = tmpbuf;
  +   *buflen = tmplen + added;
  + }
  +
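Review bot: The embedded src/data.c change removes the terminator write `tmpbuf[tmplen + added] = '\0';` and grows the allocation with `+ 1`, but leaves no comment saying what the translated buffer now guarantees. With the removed CR-space comment gone, nothing explains the spare byte, so I would add `/* +1: keep one spare byte beyond tmplen + lfcount for the CRLF expansion */` above the `session.xfer.bufsize` assignment. I would also add `/* NOTE: *buf is not NUL-terminated here; consumers must honour *buflen */` above `*buf = tmpbuf;`. When no reallocation happens, nothing visible guarantees a trailing NUL, so any consumer that treats `*buf` as a C string would read past the data; that path should be audited. The patch also drops `session.xfer.bufstart = session.xfer.buf;`, and whether `bufstart` is still read elsewhere is not visible because both function bodies begin outside these hunks; if it is, it would keep pointing at the previous buffer after the `pcalloc`.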
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/proftpd/proftpd.spec
  ============================================================================
  $ cvs diff -u -r1.42.2.4.2.2 -r1.42.2.4.2.3 proftpd.spec
  --- openpkg-src/proftpd/proftpd.spec  24 Sep 2003 07:16:02 -0000      1.42.2.4.2.2
  +++ openpkg-src/proftpd/proftpd.spec  17 Oct 2003 09:33:52 -0000      1.42.2.4.2.3
  @@ -33,7 +33,7 @@
   Group:        FTP
   License:      GPL
   Version:      1.2.8
  -Release:      1.3.1
  +Release:      1.3.2
   
   #   package options
   %option       with_mysql  no
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-web/news.txt
  ============================================================================
  $ cvs diff -u -r1.7033 -r1.7034 news.txt
  --- openpkg-web/news.txt      17 Oct 2003 09:14:30 -0000      1.7033
  +++ openpkg-web/news.txt      17 Oct 2003 09:33:51 -0000      1.7034
  @@ -1,3 +1,4 @@
  +17-Oct-2003: Upgraded package: P<proftpd-1.2.8-1.3.2>
   17-Oct-2003: Upgraded package: P<mozilla-1.5-20031017>
   16-Oct-2003: Upgraded package: P<perl-curses-20031016-20031016>
   16-Oct-2003: Upgraded package: P<perl-parse-20031016-20031016>
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]
