ports/70624: Security update to latest tnftpd-20040810
Rudolf Cejka
cejkar at fit.vutbr.cz
Wed Aug 18 17:20:14 UTC 2004
>Number: 70624
>Category: ports
>Synopsis: Security update to latest tnftpd-20040810
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Wed Aug 18 17:20:13 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Rudolf Cejka
>Release: FreeBSD 4.9-STABLE i386
>Organization:
FIT, Brno University of Technology, Czech Republic
>Environment:
>Description:
There is a patch for update to tnftpd 20040810, which contains latest
security fixes
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc
# cd /usr/ports/ftp/tnftpd
# patch < tnftpd.diff
-- tnftpd.diff begin --
diff -urN ../tnftpd.orig/Makefile ./Makefile
--- ../tnftpd.orig/Makefile Mon May 24 10:20:57 2004
+++ ./Makefile Wed Aug 18 15:38:10 2004
@@ -6,8 +6,7 @@
#
PORTNAME= tnftpd
-PORTVERSION= 20031217
-PORTREVISION= 1
+PORTVERSION= 20040810
CATEGORIES= ftp ipv6
MASTER_SITES= ftp://ftp.netbsd.org/pub/NetBSD/misc/tnftp/
diff -urN ../tnftpd.orig/distinfo ./distinfo
--- ../tnftpd.orig/distinfo Fri Mar 19 11:59:38 2004
+++ ./distinfo Wed Aug 18 15:39:50 2004
@@ -1,2 +1,2 @@
-MD5 (tnftpd-20031217.tar.gz) = b33d184b49bf5335cc59c2827f4c71aa
-SIZE (tnftpd-20031217.tar.gz) = 177483
+MD5 (tnftpd-20040810.tar.gz) = a51e89237973db43ae3fd0bb448e9ae4
+SIZE (tnftpd-20040810.tar.gz) = 178638
diff -urN ../tnftpd.orig/files/patch-configure ./files/patch-configure
--- ../tnftpd.orig/files/patch-configure Mon May 17 14:47:28 2004
+++ ./files/patch-configure Wed Aug 18 15:44:22 2004
@@ -1,6 +1,6 @@
--- configure.orig Mon May 17 14:46:54 2004
+++ configure Mon May 17 14:47:14 2004
-@@ -2423,6 +2423,7 @@
+@@ -2434,6 +2434,7 @@
cat > conftest.$ac_ext <<EOF
#line 2425 "configure"
#include "confdefs.h"
diff -urN ../tnftpd.orig/files/patch-src-Makefile.in ./files/patch-src-Makefile.in
--- ../tnftpd.orig/files/patch-src-Makefile.in Fri Jan 23 23:51:48 2004
+++ ./files/patch-src-Makefile.in Wed Aug 18 16:36:34 2004
@@ -1,6 +1,6 @@
--- src/Makefile.in-orig Mon Feb 17 22:57:18 2003
+++ src/Makefile.in Mon Feb 17 22:57:48 2003
-@@ -22,8 +22,7 @@
+@@ -23,8 +23,7 @@
INSTALL = @INSTALL@
PROG = tnftpd
diff -urN ../tnftpd.orig/files/patch-src-ftpd.c ./files/patch-src-ftpd.c
--- ../tnftpd.orig/files/patch-src-ftpd.c Wed Feb 4 14:51:38 2004
+++ ./files/patch-src-ftpd.c Wed Aug 18 17:27:31 2004
@@ -1,20 +1,17 @@
---- src/ftpd.c-orig Tue Feb 3 18:16:46 2004
-+++ src/ftpd.c Tue Feb 3 18:19:26 2004
-@@ -436,6 +436,7 @@
- if (EMPTYSTR(confdir))
- confdir = _DEFAULT_CONFDIR;
-
-+#ifdef _SC_LOGIN_NAME_MAX
- errno = 0;
- l = sysconf(_SC_LOGIN_NAME_MAX);
- if (l == -1 && errno != 0) {
-@@ -446,6 +447,9 @@
- curname_len = _POSIX_LOGIN_NAME_MAX;
+--- src/ftpd.c-orig Wed Aug 18 17:22:30 2004
++++ src/ftpd.c Wed Aug 18 17:27:28 2004
+@@ -450,12 +450,12 @@
+ exit(1);
+ } else if (l <= 0) {
+ syslog(LOG_WARNING, "using conservative LOGIN_NAME_MAX value");
+- curname_len = _POSIX_LOGIN_NAME_MAX;
++ curname_len = LOGIN_NAME_MAX;
} else
curname_len = (size_t)l;
-+#else
+ #else
+ /* using conservative LOGIN_NAME_MAX value */
+- curname_len = _POSIX_LOGIN_NAME_MAX;
+ curname_len = LOGIN_NAME_MAX;
-+#endif
+ #endif
curname = malloc(curname_len);
if (curname == NULL) {
- syslog(LOG_ERR, "malloc: %m");
diff -urN ../tnftpd.orig/files/patch-src-logutmp.c ./files/patch-src-logutmp.c
--- ../tnftpd.orig/files/patch-src-logutmp.c Wed Feb 4 14:51:38 2004
+++ ./files/patch-src-logutmp.c Wed Aug 18 16:37:46 2004
@@ -1,6 +1,6 @@
--- src/logutmp.c-orig Thu Jan 29 15:43:57 2004
+++ src/logutmp.c Thu Jan 29 15:44:33 2004
-@@ -60,13 +60,13 @@
+@@ -59,13 +59,13 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
diff -urN ../tnftpd.orig/files/patch-src-logwtmp.c ./files/patch-src-logwtmp.c
--- ../tnftpd.orig/files/patch-src-logwtmp.c Wed Aug 11 10:52:49 2004
+++ ./files/patch-src-logwtmp.c Wed Aug 18 16:45:05 2004
@@ -11,10 +11,10 @@
#include <fcntl.h>
+#include <netdb.h>
- #include <setjmp.h>
#include <signal.h>
#include <stdio.h>
-@@ -57,7 +59,6 @@
+ #include <string.h>
+@@ -56,7 +58,6 @@
#ifdef SUPPORT_UTMPX
#include <utmpx.h>
#endif
@@ -22,7 +22,7 @@
#ifdef KERBEROS5
#include <krb5/krb5.h>
-@@ -80,6 +81,26 @@
+@@ -79,6 +80,26 @@
{
struct utmp ut;
struct stat buf;
diff -urN ../tnftpd.orig/files/patch-tnftpd.h ./files/patch-tnftpd.h
--- ../tnftpd.orig/files/patch-tnftpd.h Wed Feb 4 14:51:38 2004
+++ ./files/patch-tnftpd.h Wed Aug 18 17:26:54 2004
@@ -1,12 +1,12 @@
--- tnftpd.h-orig Wed Dec 17 02:43:41 2003
+++ tnftpd.h Tue Feb 3 18:14:15 2004
-@@ -429,5 +429,9 @@
+@@ -426,5 +426,9 @@
#define TM_YEAR_BASE 1900
#if ! defined(LOGIN_NAME_MAX)
+#if defined(MAXLOGNAME)
+# define LOGIN_NAME_MAX MAXLOGNAME
-+#elif ! defined(LOGIN_NAME_MAX)
++#else
# define LOGIN_NAME_MAX (9)
+#endif
#endif
-- tnftpd.diff end --
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list