From owner-cvs-all  Mon Apr 30  0:33:44 2001
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 8EB1737B422; Mon, 30 Apr 2001 00:33:40 -0700 (PDT)
	(envelope-from kris@FreeBSD.org)
Received: (from kris@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f3U7Xep54908;
	Mon, 30 Apr 2001 00:33:40 -0700 (PDT)
	(envelope-from kris)
Message-Id: <200104300733.f3U7Xep54908@freefall.freebsd.org>
From: Kris Kennaway <kris@FreeBSD.org>
Date: Mon, 30 Apr 2001 00:33:40 -0700 (PDT)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: ports/ftp/gftp Makefile distinfo ports/ftp/gftp/files
         patch-ac patch-ad patch-ae patch-af
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

kris        2001/04/30 00:33:40 PDT

  Modified files:
    ftp/gftp             Makefile distinfo 
  Added files:
    ftp/gftp/files       patch-ac patch-ad patch-ae patch-af 
  Log:
  Upgrade to gftp 2.0.8 and mark FORBIDDEN. gftp 2.0.8 was a security update
  to fix a remotely exploitable format string vulnerability, but in the course
  of trying to make the new version actually build I discovered that it also
  has local tempfile vulnerabilities, among other problems.
  
  Revision  Changes    Path
  1.17      +4 -2      ports/ftp/gftp/Makefile
  1.8       +1 -1      ports/ftp/gftp/distinfo


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message