Date: Mon, 30 Apr 2001 00:33:40 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/ftp/gftp Makefile distinfo ports/ftp/gftp/files patch-ac patch-ad patch-ae patch-af Message-ID: <200104300733.f3U7Xep54908@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
kris 2001/04/30 00:33:40 PDT
Modified files:
ftp/gftp Makefile distinfo
Added files:
ftp/gftp/files patch-ac patch-ad patch-ae patch-af
Log:
Upgrade to gftp 2.0.8 and mark FORBIDDEN. gftp 2.0.8 was a security update
to fix a remotely exploitable format string vulnerability, but in the course
of trying to make the new version actually build I discovered that it also
has local tempfile vulnerabilities, among other problems.
Revision Changes Path
1.17 +4 -2 ports/ftp/gftp/Makefile
1.8 +1 -1 ports/ftp/gftp/distinfo
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104300733.f3U7Xep54908>