[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#790692: marked as done (wheezy-pu: package ftpd-ssl/0.17.33+0.3-1+deb7u1)

Your message dated Sat, 05 Sep 2015 14:33:54 +0100
with message-id <1441460034.2151.33.camel@adam-barratt.org.uk>
and subject line Closing bugs for 7.9
has caused the Debian Bug report #790692,
regarding wheezy-pu: package ftpd-ssl/0.17.33+0.3-1+deb7u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
790692: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790692
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian.org@packages.debian.org
Usertags: pu

Hello all,

I would like to proceed with an update also to
oldstable/wheezy of the SSL-enhanced FTP server
built from linux-ftpd-ssl. It deals with the
same denial of service as was established in
the report #788331, and the remedy is identical
to the one applied to testing as well has been
queued for jessie-pu. The relevant debdiff is
herewith attached.

Best regards,
  Mats Erik Andersson, present maintainer of linux-ftpd-ssl.

diff -Nru linux-ftpd-ssl-0.17.33+0.3/debian/changelog linux-ftpd-ssl-0.17.33+0.3/debian/changelog
--- linux-ftpd-ssl-0.17.33+0.3/debian/changelog	2011-04-20 03:47:23.000000000 +0200
+++ linux-ftpd-ssl-0.17.33+0.3/debian/changelog	2015-06-30 01:04:24.000000000 +0200
@@ -1,3 +1,11 @@
+linux-ftpd-ssl (0.17.33+0.3-1+deb7u1) wheezy; urgency=medium
+
+  * QA Upload
+  * NLST of empty directory results in segfault. (Closes: #788331)
+    + debian/patches/500-ssl.diff: Updated.
+
+ -- Mats Erik Andersson <mats.andersson@gisladisker.se>  Tue, 30 Jun 2015 01:04:03 +0200
+
 linux-ftpd-ssl (0.17.33+0.3-1) unstable; urgency=low
 
   * Update to linux-ftpd 0.17-33.
diff -Nru linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff
--- linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff	2011-04-20 03:47:23.000000000 +0200
+++ linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff	2015-06-16 13:46:42.000000000 +0200
@@ -3,7 +3,7 @@
 Origin: ftp://ftp.uni-mainz.de/pub/software/security/ssl/SSL-MZapps/linux-ftpd-0.17+ssl-0.3.diff.gz
 Forwarded: not-needed
 Author: Tim Hudson <tjh@cryptsoft.com>
-Last-Update: 2010-06-21
+Last-Update: 2015-06-11
 
 Index: linux-ftpd-ssl/ftpd/Makefile
 ===================================================================
@@ -917,10 +917,12 @@
  				byte_count += strlen(nbuf) + 1;
  			}
  		}
-@@ -2705,6 +3193,13 @@
+@@ -2704,8 +3193,16 @@
+ 		reply(226, "Transfer complete.");
  
  	transflag = 0;
- 	if (dout != NULL)
+-	if (dout != NULL)
++	if (dout != NULL) {
 +#ifdef USE_SSL
 +                if (ssl_data_active_flag && (ssl_data_con!=NULL)) {
 +		    SSL_free(ssl_data_con);
@@ -929,8 +931,10 @@
 +		}
 +#endif /* USE_SSL */
  		(void) fclose(dout);
++	}
  	data = -1;
  	pdata = -1;
+ out:
 @@ -2792,3 +3287,223 @@
  }
  #endif	/* TCPWRAPPERS */

--- End Message ---
--- Begin Message --- 
Version: 7.9

Hi,

These bugs relate to updates which were included in the 7.9 point
release.

Regards,

Adam

--- End Message ---
Reply to: