Date: Wed, 24 Sep 2003 10:28:40 +0300 From: Peter Pentchev <roam@ringlet.net> To: Haesu <haesu@towardex.com> Cc: freebsd-security@freebsd.org Subject: Re: [da@securityfocus.com: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd)] Message-ID: <20030924072840.GD396@straylight.oblivion.bg> In-Reply-To: <20030924062014.GA36641@scylla.towardex.com> References: <20030924001358.GB901@users.munk.nu> <20030924062014.GA36641@scylla.towardex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Wed, Sep 24, 2003 at 02:20:14AM -0400, Haesu wrote: > I just want to clarify... > > # $FreeBSD: ports/ftp/proftpd/Makefile,v 1.56 2003/09/23 18:42:43 mharo Exp $ > # > > PORTNAME= proftpd > PORTVERSION= 1.2.8 > PORTREVISION= 1 > > Is that the updated port that fixes vulnerability? It's 1.2.8 still, but I think > this is the patched version, since rcsID shows 9/23 which is yesterday. Yes, this is the fixed version. Although the port version is still at 1.2.8, the port revision was bumped to 1 yesterday (it was not defined previously, which would be equivalent to a revision of 0), so that the FreeBSD port version is now actually 1.2.8_1. G'luck, Peter -- Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 You have, of course, just begun reading the sentence that you have just finished reading. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD4DBQE/cUeo7Ri2jRYZRVMRAkptAKCcVyIVcxUEYABPdqWEJkOnGXdCSACY3E3H cB/A1tVgty+KeQhNjKew8Q== =hHq5 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030924072840.GD396>