Your message dated Sat, 05 Sep 2015 14:33:54 +0100 with message-id <1441460034.2151.33.camel@adam-barratt.org.uk> and subject line Closing bugs for 7.9 has caused the Debian Bug report #790692, regarding wheezy-pu: package ftpd-ssl/0.17.33+0.3-1+deb7u1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 790692: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790692 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: wheezy-pu: package ftpd-ssl/0.17.33+0.3-1+deb7u1
- From: Mats Erik Andersson <mats.andersson@gisladisker.se>
- Date: Tue, 30 Jun 2015 23:24:34 +0200
- Message-id: <20150630212434.GA64560@aun.utmark.mea>
Package: release.debian.org Severity: normal Tags: wheezy User: release.debian.org@packages.debian.org Usertags: pu Hello all, I would like to proceed with an update also to oldstable/wheezy of the SSL-enhanced FTP server built from linux-ftpd-ssl. It deals with the same denial of service as was established in the report #788331, and the remedy is identical to the one applied to testing as well has been queued for jessie-pu. The relevant debdiff is herewith attached. Best regards, Mats Erik Andersson, present maintainer of linux-ftpd-ssl.diff -Nru linux-ftpd-ssl-0.17.33+0.3/debian/changelog linux-ftpd-ssl-0.17.33+0.3/debian/changelog --- linux-ftpd-ssl-0.17.33+0.3/debian/changelog 2011-04-20 03:47:23.000000000 +0200 +++ linux-ftpd-ssl-0.17.33+0.3/debian/changelog 2015-06-30 01:04:24.000000000 +0200 @@ -1,3 +1,11 @@ +linux-ftpd-ssl (0.17.33+0.3-1+deb7u1) wheezy; urgency=medium + + * QA Upload + * NLST of empty directory results in segfault. (Closes: #788331) + + debian/patches/500-ssl.diff: Updated. + + -- Mats Erik Andersson <mats.andersson@gisladisker.se> Tue, 30 Jun 2015 01:04:03 +0200 + linux-ftpd-ssl (0.17.33+0.3-1) unstable; urgency=low * Update to linux-ftpd 0.17-33. diff -Nru linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff --- linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff 2011-04-20 03:47:23.000000000 +0200 +++ linux-ftpd-ssl-0.17.33+0.3/debian/patches/500-ssl.diff 2015-06-16 13:46:42.000000000 +0200 @@ -3,7 +3,7 @@ Origin: ftp://ftp.uni-mainz.de/pub/software/security/ssl/SSL-MZapps/linux-ftpd-0.17+ssl-0.3.diff.gz Forwarded: not-needed Author: Tim Hudson <tjh@cryptsoft.com> -Last-Update: 2010-06-21 +Last-Update: 2015-06-11 Index: linux-ftpd-ssl/ftpd/Makefile =================================================================== @@ -917,10 +917,12 @@ byte_count += strlen(nbuf) + 1; } } -@@ -2705,6 +3193,13 @@ +@@ -2704,8 +3193,16 @@ + reply(226, "Transfer complete."); transflag = 0; - if (dout != NULL) +- if (dout != NULL) ++ if (dout != NULL) { +#ifdef USE_SSL + if (ssl_data_active_flag && (ssl_data_con!=NULL)) { + SSL_free(ssl_data_con); @@ -929,8 +931,10 @@ + } +#endif /* USE_SSL */ (void) fclose(dout); ++ } data = -1; pdata = -1; + out: @@ -2792,3 +3287,223 @@ } #endif /* TCPWRAPPERS */
--- End Message ---
--- Begin Message ---
- To: 725661-done@bugs.debian.org, 770955-done@bugs.debian.org, 773796-done@bugs.debian.org, 774773-done@bugs.debian.org, 774820-done@bugs.debian.org, 774850-done@bugs.debian.org, 774921-done@bugs.debian.org, 775380-done@bugs.debian.org, 775603-done@bugs.debian.org, 775664-done@bugs.debian.org, 775825-done@bugs.debian.org, 776095-done@bugs.debian.org, 776734-done@bugs.debian.org, 776781-done@bugs.debian.org, 776884-done@bugs.debian.org, 777046-done@bugs.debian.org, 777047-done@bugs.debian.org, 777372-done@bugs.debian.org, 777553-done@bugs.debian.org, 778622-done@bugs.debian.org, 779083-done@bugs.debian.org, 779622-done@bugs.debian.org, 779926-done@bugs.debian.org, 780191-done@bugs.debian.org, 780471-done@bugs.debian.org, 780798-done@bugs.debian.org, 780924-done@bugs.debian.org, 781281-done@bugs.debian.org, 781406-done@bugs.debian.org, 781542-done@bugs.debian.org, 781885-done@bugs.debian.org, 781965-done@bugs.debian.org, 782042-done@bugs.debian.org, 782165-done@bugs.debian.org, 782409-done@bugs.debian.org, 782600-done@bugs.debian.org, 782663-done@bugs.debian.org, 782848-done@bugs.debian.org, 783659-done@bugs.debian.org, 783749-done@bugs.debian.org, 784102-done@bugs.debian.org, 785155-done@bugs.debian.org, 785348-done@bugs.debian.org, 785735-done@bugs.debian.org, 786691-done@bugs.debian.org, 786830-done@bugs.debian.org, 786919-done@bugs.debian.org, 787076-done@bugs.debian.org, 787403-done@bugs.debian.org, 787933-done@bugs.debian.org, 787947-done@bugs.debian.org, 788064-done@bugs.debian.org, 788242-done@bugs.debian.org, 788558-done@bugs.debian.org, 788664-done@bugs.debian.org, 790692-done@bugs.debian.org, 790940-done@bugs.debian.org, 793028-done@bugs.debian.org, 794962-done@bugs.debian.org, 795166-done@bugs.debian.org, 795892-done@bugs.debian.org, 797079-done@bugs.debian.org, 797213-done@bugs.debian.org
- Subject: Closing bugs for 7.9
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 05 Sep 2015 14:33:54 +0100
- Message-id: <1441460034.2151.33.camel@adam-barratt.org.uk>
Version: 7.9 Hi, These bugs relate to updates which were included in the 7.9 point release. Regards, Adam
--- End Message ---