What is the status with wu-ftpd updated potato packages?

To: debian-security@lists.debian.org
Subject: What is the status with wu-ftpd updated potato packages?
From: Federico Grau <grauf@rfa.org>
Date: Thu, 29 Nov 2001 20:28:36 -0500
Message-id: <[🔎] 20011129202834.L19351@rfa.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello, 

I just signed up with the debian-security mailing list so I am not up to speed
with all the discussions.

What is the status with the wu-ftpd updated potato packages?  

I could find no mention of it on the debian main or security web pages and a
search of several mailing lists showed no mention to what is being done about
this exploit (The most recent wu-ftpd discussion was on Dec 4 / 6 in
debian-user).

Searching through the posts on the slashdot discussion made no mention of
updating the packages either (though they did recomend switching to proftpd or
even better bsd-ftpd which is based on openbsd).  

Announcements on bugtraq mention that debian is working on a patch, but
updated "stable/potato" packages have not been released yet.  I know redhat
released their announcement early, but it pains me to see redhat ahead of
debian on the security fix by almost 2 days.

Are there other sysadmins using wu-ftpd and if so what are they doing about
this vulnurability?

thanks,
donfede


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8BuDCSeRbV/op2s4RAjaMAJ40rz/LyNcf6i+CHXd8jSBflAjHxwCeLfL8
zcfPbkaTdKAGMCnyVOe7YEU=
=9WdP
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: What is the status with wu-ftpd updated potato packages?
  - From: Nicole Zimmerman <colby@wsu.edu>

Prev by Date: Re: VI wrapper for SUDO?
Next by Date: Re: VI wrapper for SUDO? - another bad way ??
Previous by thread: Re: VI wrapper for SUDO? - aliases
Next by thread: Re: What is the status with wu-ftpd updated potato packages?
Index(es):
- Date
- Thread