Date: Sun, 25 Apr 2004 23:17:10 +0200 From: Radim Kolar <hsn@netmag.cz> To: FreeBSD-gnats-submit@FreeBSD.org Cc: trevor@FreeBSD.org Subject: ports/65968: security upgrade: fspd Message-ID: <E1BHqzu-0007u5-Vs@asura.bsd> Resent-Message-ID: <200404252120.i3PLKJCo011527@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 65968 >Category: ports >Synopsis: security upgrade: fspd >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Sun Apr 25 14:20:18 PDT 2004 >Closed-Date: >Last-Modified: >Originator: Radim Kolar >Release: FreeBSD 5.2.1-RELEASE-p3 i386 >Organization: Sanatana Dharma >Environment: System: FreeBSD asura.bsd 5.2.1-RELEASE-p3 FreeBSD 5.2.1-RELEASE-p3 #6: Mon Apr 5 17:41:24 CEST 2004 root@asura.bsd:/usr/src/sys/i386/compile/UP i386 >Description: I have updated fspd port. This fixes security problem in fspd. I am also willing to maintain freebsd package since i am upstream author also. this closes 61364 and removes forbid. >How-To-Repeat: >Fix: diff -Naur /usr/ports/net/fspd/Makefile fspd/Makefile --- /usr/ports/net/fspd/Makefile Mon Feb 2 11:18:31 2004 +++ fspd/Makefile Sun Apr 25 16:25:59 2004 @@ -6,51 +6,37 @@ # PORTNAME= fspd -PORTVERSION= 2.8.1.3 +PORTVERSION= 2.8.1b19 CATEGORIES= net -MASTER_SITES= ftp://ftp.netsw.org/net/ip/filetrans/fsp/ -DISTNAME= fsp.281-B3 +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE_EXTENDED} +DISTNAME= fsp-${PORTVERSION} -MAINTAINER= trevor@FreeBSD.org +MAINTAINER= hsn@netmag.cz COMMENT= FSP daemon -FORBIDDEN= "buffer overflow (CAN-2004-0011) and directory traversal (CAN-2003-1022) bugs" - -ALL_TARGET= fspserver -DOCDIR= share/doc/${PORTNAME} -DOCFILES= BETA.README ChangeLog FILES INFO TODO INSTALL MACHINES -USE_REINPLACE= yes +DISABLE_VULNERABILITIES= yes +PORTDOCS= BETA.README ChangeLog INFO TODO INSTALL MACHINES COPYRIGHT PROTOCOL GNU_CONFIGURE= yes +USE_BZIP2= yes MAN1= fspd.1 -PLIST= ${WRKDIR}/pkg-plist -WRKSRC= ${WRKDIR}/2.8.1 - -do-patch: - ${REINPLACE_CMD} -e "s:/usr/fsp:${LOCALBASE}/etc:g" \ - ${WRKSRC}/include/server_conf.h +PLIST_FILES= sbin/fspd %%EXAMPLESDIR%%/fspd.conf +PLIST_DIRS= %%EXAMPLESDIR%% pre-install: - ${ECHO_CMD} "sbin/fspd" > ${PLIST} -.if !defined(NOPORTDOCS) -.for i in ${DOCFILES} - ${ECHO_CMD} ${DOCDIR}/${i} >> ${PLIST} -.endfor - ${ECHO_CMD} share/examples/fspd/example.conf >> ${PLIST} - ${ECHO_CMD} @dirrm ${DOCDIR} >> ${PLIST} - ${ECHO_CMD} @dirrm share/examples/fspd >> ${PLIST} -.endif + ${LN} -f ${WRKSRC}/doc/PROTOCOL ${WRKSRC}/PROTOCOL do-install: - ${INSTALL_PROGRAM} ${WRKSRC}/server/fspd ${LOCALBASE}/sbin + ${INSTALL_PROGRAM} ${WRKSRC}/server/fspd ${PREFIX}/sbin .if !defined(NO_INSTALL_MANPAGES) - ${INSTALL_MAN} ${WRKSRC}/man/man1/fspd.1 ${LOCALBASE}/man/man1/ + ${INSTALL_MAN} ${WRKSRC}/man/fspd.1 ${MAN1PREFIX}/man/man1/ .endif .if !defined(NOPORTDOCS) - ${MKDIR} ${PREFIX}/share/examples/fspd ${PREFIX}/${DOCDIR} -.for i in ${DOCFILES} - ${INSTALL_DATA} ${WRKSRC}/${i} ${PREFIX}/${DOCDIR} + ${MKDIR} ${DOCSDIR} +.for i in ${PORTDOCS} + ${INSTALL_DATA} ${WRKSRC}/${i} ${DOCSDIR} .endfor - ${INSTALL_DATA} ${WRKSRC}/example.conf ${PREFIX}/share/examples/fspd .endif + ${MKDIR} ${EXAMPLESDIR} + ${INSTALL_DATA} ${WRKSRC}/fspd.conf ${EXAMPLESDIR} .include <bsd.port.mk> diff -Naur /usr/ports/net/fspd/distinfo fspd/distinfo --- /usr/ports/net/fspd/distinfo Mon Feb 2 11:18:31 2004 +++ fspd/distinfo Thu Jan 1 01:00:00 1970 @@ -1,2 +0,0 @@ -MD5 (fsp.281-B3.tar.gz) = b8ff7d267aa630ace3eefe51c32135ea -SIZE (fsp.281-B3.tar.gz) = 154577 diff -Naur /usr/ports/net/fspd/pkg-descr fspd/pkg-descr --- /usr/ports/net/fspd/pkg-descr Thu Nov 13 11:21:04 2003 +++ fspd/pkg-descr Sun Apr 25 17:20:45 2004 @@ -1,13 +1,14 @@ -This is a server daemon for FSP, the File Service Protocol. With -it, you can offer files to "anonymous" visitors. Bandwidth can -easily be limited. +This is a server daemon for FSP, the File Service Protocol. With it, +you can offer files to "anonymous" visitors. Bandwidth can easily be +limited. Since a service contact port (well-known port) for FSP has not been assigned by IANA (per RFC 1700), you must choose one yourself when -configuring fspd. Edit the example.conf file and place it in -${LOCALBASE}/etc/fspd.conf (typically LOCALBASE is set to /usr/local). -You can run fspd from inetd or stand-alone. +configuring fspd. Widely used ports for FSP are 21 and 2001. Edit the +fspd.conf file and place it in ${LOCALBASE}/etc/fspd.conf (typically +LOCALBASE is set to /usr/local). You can run fspd from inetd or +stand-alone. -WWW: http://www.faqs.org/faqs/fsp-faq/ +WWW: http://fsp.sourceforge.net/ Trevor Johnson >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1BHqzu-0007u5-Vs>