diff options
| author | Chris Piazza <cpiazza@FreeBSD.org> | 1999-08-30 19:14:07 +0000 |
|---|---|---|
| committer | Chris Piazza <cpiazza@FreeBSD.org> | 1999-08-30 19:14:07 +0000 |
| commit | 58ca2806f3504fbc6fb341a28d0adfa9503f72a9 (patch) | |
| tree | d22f266e7f50c04b645bd84bb80673d1a37ad11d /ftp/wu-ftpd/distinfo | |
| parent | GNU Pth 1.1.3 -> 1.1.4 (diff) | |
Add a PATCH_FILE to close a security hole in wu-ftpd.
Quoted from wu-ftpd group's accouncement:
Due to insufficient bounds checking on directory name lengths which can
be supplied by users, it is possible to overwrite the static memory
space of the wu-ftpd daemon while it is executing under certain
configurations. By having the ability to create directories and
supplying carefully designed directory names to the wu-ftpd, users may
gain privileged access.
PR: 13475
Submitted by: jack@germanium.xtalwind.net
Notes
Notes:
svn path=/head/; revision=21133
Diffstat (limited to '')
| -rw-r--r-- | ftp/wu-ftpd/distinfo | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ftp/wu-ftpd/distinfo b/ftp/wu-ftpd/distinfo index 213f7f23a0d8..0a187286a77d 100644 --- a/ftp/wu-ftpd/distinfo +++ b/ftp/wu-ftpd/distinfo @@ -1 +1,2 @@ MD5 (wu-ftpd-2.5.0.tar.gz) = 98f9c8490e0d1ca2c3c57e60e65803b7 +MD5 (mapped.path.overrun.patch) = b01b65652eb3816f0ab11971ac52424d |