diff options
| author |   Daniel Black <dragonheart@gentoo.org> | 2005-11-06 12:30:48 +0000 |
|---|---|---|
| committer | Daniel Black <dragonheart@gentoo.org> | 2005-11-06 12:30:48 +0000 |
| commit | 2c25cde73f3dbd07a17f6b95bf5011cb242692b2 (patch) | |
| tree | 7305c2645bc31496a64a21d13f0d79263060c111 /net-ftp/ftpd/files | |
| parent | Version bump (#111232). Removed old ebuilds. (diff) | |
| download | historical-2c25cde73f3dbd07a17f6b95bf5011cb242692b2.tar.gz historical-2c25cde73f3dbd07a17f6b95bf5011cb242692b2.tar.bz2 historical-2c25cde73f3dbd07a17f6b95bf5011cb242692b2.zip | |
fix remote hole in linux-ftpd-ssl - security bug #111573
Package-Manager: portage-2.0.53_rc7
Diffstat (limited to 'net-ftp/ftpd/files')
| -rw-r--r-- | net-ftp/ftpd/files/digest-ftpd-0.17-r2 | 1 | ||||
| -rw-r--r-- | net-ftp/ftpd/files/ftpd-0.17+ssl-0.3-overflowpatch.diff | 14 |
2 files changed, 15 insertions, 0 deletions
diff --git a/net-ftp/ftpd/files/digest-ftpd-0.17-r2 b/net-ftp/ftpd/files/digest-ftpd-0.17-r2 new file mode 100644 index 000000000000..909d577cfb10 --- /dev/null +++ b/net-ftp/ftpd/files/digest-ftpd-0.17-r2 @@ -0,0 +1 @@ +MD5 f5f491564812db5d8783daa538c49186 linux-ftpd-0.17.tar.gz 46763 diff --git a/net-ftp/ftpd/files/ftpd-0.17+ssl-0.3-overflowpatch.diff b/net-ftp/ftpd/files/ftpd-0.17+ssl-0.3-overflowpatch.diff new file mode 100644 index 000000000000..6290079a7062 --- /dev/null +++ b/net-ftp/ftpd/files/ftpd-0.17+ssl-0.3-overflowpatch.diff @@ -0,0 +1,14 @@ +--- linux-ftpd-0.17/ftpd/ftpd.c 2005-11-05 17:04:53.000000000 -0600 ++++ linux-ftpd-0.17-patched/ftpd/ftpd.c 2005-11-05 17:11:54.000000000 -0600 +@@ -2082,9 +2082,9 @@ + va_start(ap); + #endif + #ifdef USE_SSL +- /* assemble the output into a buffer */ ++ /* assemble the output into a buffer, checking for length*/ + sprintf(outputbuf,"%d ",n); +- vsprintf(outputbuf+strlen(outputbuf),fmt,ap); ++ vsnprintf(outputbuf+strlen(outputbuf),2048-(strlen(outputbuf) + 3),fmt,ap); + strcat(outputbuf,"\r\n"); + + if (ssl_debug_flag) |