Date: Thu, 4 Dec 2003 09:32:49 +0100 (CET) From: Volker Stolz <stolz@i2.informatik.rwth-aachen.de> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/59939: [patch] Update port: www/nd to 0.8.2 Message-ID: <200312040832.hB48WnD1072461@menelaos.informatik.rwth-aachen.de> Resent-Message-ID: <200312040840.hB48e6MP057597@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 59939 >Category: ports >Synopsis: [patch] Update port: www/nd to 0.8.2 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Dec 04 00:40:05 PST 2003 >Closed-Date: >Last-Modified: >Originator: Volker Stolz >Release: FreeBSD 4.9-RC i386 >Organization: Lehrstuhl für Informatik II >Environment: System: FreeBSD menelaos.informatik.rwth-aachen.de 4.9-RC FreeBSD 4.9-RC #10: Tue Oct 7 12:32:25 CEST 2003 root@menelaos.informatik.rwth-aachen.de:/usr/obj/usr/src/sys/MENELAOS i386 >Description: Update to 0.8.2: - Avoid buffer overflows: "nd version 0.8.1 or earlier has a vulnerability of buffer overflow caused by a long urls, authentication realm, lock-token etc. This allows remote attackers to execute arbitrary code on the host running this command. Please use 0.8.2 or later." - Support properties which have namespace other than DAV:. - More options. >How-To-Repeat: >Fix: --- nd begins here --- diff -urN /usr/ports/www/nd/Makefile nd/Makefile --- /usr/ports/www/nd/Makefile Thu Oct 30 16:24:42 2003 +++ nd/Makefile Sun Nov 30 11:21:47 2003 @@ -6,9 +6,9 @@ # PORTNAME= nd -PORTVERSION= 0.7.2 +PORTVERSION= 0.8.2 CATEGORIES= www -MASTER_SITES= http://www.gohome.org/teranisi/ +MASTER_SITES= http://www.gohome.org/nd/ MAINTAINER= stolz+nd@i2.informatik.rwth-aachen.de COMMENT= A simple command line interface for WebDAV (RFC2518) server diff -urN /usr/ports/www/nd/distinfo nd/distinfo --- /usr/ports/www/nd/distinfo Thu Oct 30 16:24:42 2003 +++ nd/distinfo Sun Nov 30 11:21:57 2003 @@ -1 +1 @@ -MD5 (nd-0.7.2.tar.gz) = face34cf81c48e72acc991c7219f810b +MD5 (nd-0.8.2.tar.gz) = 8459a023b56bff6d8f38131369ad008a --- nd ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200312040832.hB48WnD1072461>