diff options
author | Daniel Black <dragonheart@gentoo.org> | 2005-11-06 12:30:48 +0000 |
---|---|---|
committer | Daniel Black <dragonheart@gentoo.org> | 2005-11-06 12:30:48 +0000 |
commit | 48836a1ce2a09c454cf38d029b3c304362fcdc0c (patch) | |
tree | a229a187cfa9920269429fdc7f911c0e16f906e8 /net-ftp | |
parent | Version bump (#111232). Removed old ebuilds. (diff) | |
download | gentoo-2-48836a1ce2a09c454cf38d029b3c304362fcdc0c.tar.gz gentoo-2-48836a1ce2a09c454cf38d029b3c304362fcdc0c.tar.bz2 gentoo-2-48836a1ce2a09c454cf38d029b3c304362fcdc0c.zip |
fix remote hole in linux-ftpd-ssl - security bug #111573
(Portage version: 2.0.53_rc7)
Diffstat (limited to 'net-ftp')
-rw-r--r-- | net-ftp/ftpd/ChangeLog | 9 | ||||
-rw-r--r-- | net-ftp/ftpd/Manifest | 9 | ||||
-rw-r--r-- | net-ftp/ftpd/files/digest-ftpd-0.17-r2 | 1 | ||||
-rw-r--r-- | net-ftp/ftpd/files/ftpd-0.17+ssl-0.3-overflowpatch.diff | 14 | ||||
-rw-r--r-- | net-ftp/ftpd/ftpd-0.17-r2.ebuild | 58 |
5 files changed, 87 insertions, 4 deletions
diff --git a/net-ftp/ftpd/ChangeLog b/net-ftp/ftpd/ChangeLog index 6646962eabb1..5a0d39953d53 100644 --- a/net-ftp/ftpd/ChangeLog +++ b/net-ftp/ftpd/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-ftp/ftpd # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftpd/ChangeLog,v 1.17 2005/07/26 13:41:40 dholm Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftpd/ChangeLog,v 1.18 2005/11/06 12:30:48 dragonheart Exp $ + +*ftpd-0.17-r2 (06 Nov 2005) + + 06 Nov 2005; Daniel Black <dragonheart@gentoo.org> + +files/ftpd-0.17+ssl-0.3-overflowpatch.diff, +ftpd-0.17-r2.ebuild: + fix remote hole in linux-ftpd-ssl - security bug #111573 - patch thanks to + James Longstreet, bug thanks to Wernfried Haas 26 Jul 2005; David Holm <dholm@gentoo.org> ftpd-0.17-r1.ebuild: Added to ~ppc. diff --git a/net-ftp/ftpd/Manifest b/net-ftp/ftpd/Manifest index 04259c4af9a2..de416d7773c3 100644 --- a/net-ftp/ftpd/Manifest +++ b/net-ftp/ftpd/Manifest @@ -1,8 +1,11 @@ -MD5 12d43b913f1fef64fe772705df647677 ChangeLog 2084 -MD5 753fb4b95ec8ae858ff343a599376b18 ftpd-0.17-r1.ebuild 1461 -MD5 a49ca8164b73a5b126e5d4403ec0e6ef ftpd-0.17.ebuild 1410 +MD5 519950150d050fe4ca1c10fd02d16fcf ChangeLog 2362 MD5 1185c6db5ae646d809d0c757f02d8e35 files/digest-ftpd-0.17 66 MD5 1185c6db5ae646d809d0c757f02d8e35 files/digest-ftpd-0.17-r1 66 +MD5 1185c6db5ae646d809d0c757f02d8e35 files/digest-ftpd-0.17-r2 66 MD5 c77f5bcf2f56d61c7e8845d94df88164 files/ftp.xinetd 313 +MD5 fb54312525ec906691ee16975f1658be files/ftpd-0.17+ssl-0.3-overflowpatch.diff 532 MD5 7e1217f2de231dda2c8e842a7d7dfb7b files/ftpd-0.17-shadowfix.patch 895 MD5 0630d5a4a420220cc8b912bdad705f6c files/ssl.diff.gz 10444 +MD5 753fb4b95ec8ae858ff343a599376b18 ftpd-0.17-r1.ebuild 1461 +MD5 4e5860c74f17edf1d20b7d9b6da711d5 ftpd-0.17-r2.ebuild 1518 +MD5 a49ca8164b73a5b126e5d4403ec0e6ef ftpd-0.17.ebuild 1410 diff --git a/net-ftp/ftpd/files/digest-ftpd-0.17-r2 b/net-ftp/ftpd/files/digest-ftpd-0.17-r2 new file mode 100644 index 000000000000..909d577cfb10 --- /dev/null +++ b/net-ftp/ftpd/files/digest-ftpd-0.17-r2 @@ -0,0 +1 @@ +MD5 f5f491564812db5d8783daa538c49186 linux-ftpd-0.17.tar.gz 46763 diff --git a/net-ftp/ftpd/files/ftpd-0.17+ssl-0.3-overflowpatch.diff b/net-ftp/ftpd/files/ftpd-0.17+ssl-0.3-overflowpatch.diff new file mode 100644 index 000000000000..6290079a7062 --- /dev/null +++ b/net-ftp/ftpd/files/ftpd-0.17+ssl-0.3-overflowpatch.diff @@ -0,0 +1,14 @@ +--- linux-ftpd-0.17/ftpd/ftpd.c 2005-11-05 17:04:53.000000000 -0600 ++++ linux-ftpd-0.17-patched/ftpd/ftpd.c 2005-11-05 17:11:54.000000000 -0600 +@@ -2082,9 +2082,9 @@ + va_start(ap); + #endif + #ifdef USE_SSL +- /* assemble the output into a buffer */ ++ /* assemble the output into a buffer, checking for length*/ + sprintf(outputbuf,"%d ",n); +- vsprintf(outputbuf+strlen(outputbuf),fmt,ap); ++ vsnprintf(outputbuf+strlen(outputbuf),2048-(strlen(outputbuf) + 3),fmt,ap); + strcat(outputbuf,"\r\n"); + + if (ssl_debug_flag) diff --git a/net-ftp/ftpd/ftpd-0.17-r2.ebuild b/net-ftp/ftpd/ftpd-0.17-r2.ebuild new file mode 100644 index 000000000000..edc461904a3d --- /dev/null +++ b/net-ftp/ftpd/ftpd-0.17-r2.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftpd/ftpd-0.17-r2.ebuild,v 1.1 2005/11/06 12:30:48 dragonheart Exp $ + +inherit eutils + +IUSE="ssl" + +S=${WORKDIR}/linux-${P} +DESCRIPTION="The netkit FTP server with optional SSL support" +HOMEPAGE="http://www.hcs.harvard.edu/~dholland/computers/netkit.html" +SRC_URI="ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/linux-${P}.tar.gz" + +SLOT="0" +LICENSE="as-is" +KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86" + +DEPEND="ssl? ( dev-libs/openssl )" + +RDEPEND="${DEPEND} + virtual/inetd" + +src_unpack() { + unpack ${A} + cd ${S} + if use ssl; then + epatch ${FILESDIR}/ssl.diff.gz + epatch ${FILESDIR}/${P}+ssl-0.3-overflowpatch.diff + fi + epatch ${FILESDIR}/${P}-shadowfix.patch +} + +src_compile() { + ./configure --prefix=/usr || die "configure failed" + cp MCONFIG MCONFIG.orig + sed -e "s:-pipe -O2:${CFLAGS}:" MCONFIG.orig > MCONFIG + emake || die "parallel make failed" +} + +src_install() { + dobin ftpd/ftpd + doman ftpd/ftpd.8 + dodoc README ChangeLog + insinto /etc/xinetd.d + newins ${FILESDIR}/ftp.xinetd ftp +} + +pkg_postinst() { + einfo "In order to start the server with SSL support" + einfo "You need to create a certificate and place it" + einfo "in SSLCERTDIR..." + einfo "<=openssl-0.9.6g - SSLCERTDIR=/usr/lib/ssl/certs" + einfo ">=openssl-0.9.6g-r1 - SSLCERTDIR=/etc/ssl/certs" + einfo "" + einfo "cd SSLCERTDIR" + einfo "openssl req -new -x509 -nodes -out ftpd.pem -keyout ftpd.pem" + einfo "" +} |