From ${URL} : Part of the SFTP handshake involves "extensions", which are key/value pairs composed of strings. In SSH, strings are encoded for network transport as a 32-bit length, followed by the bytes. The mod_sftp module currently places no bounds/length limitations when reading these SFTP extension key/value data from the network. A malicious attacker might attempt to encode large values, and allocate more memory than is necessary. To avoid undue resource exhaustion by a remote client, mod_sftp should place a limit on the maximum length of acceptable extension keys/values. Upstream bug: http://bugs.proftpd.org/show_bug.cgi?id=4210 Upstream patch: https://github.com/proftpd/proftpd/pull/171 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for stabilization or not.
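As an added illustration (not ProFTPD's code and not the upstream patch), here is a bounded reader for SSH-encoded strings in C: it checks the declared 32-bit length against a policy cap (SFTP_EXT_MAX_LEN, an assumed value) and against the bytes actually received before allocating anything, which is the limit the comment above says mod_sftp lacked. The sample messages are constructed, not captured traffic.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed cap on one extension key or value; the page states no number. */
#define SFTP_EXT_MAX_LEN 1024

enum { SSH_STR_OK = 0, SSH_STR_TRUNCATED = -1, SSH_STR_TOO_LONG = -2, SSH_STR_OOM = -3 };

/* Read one SSH "string" (big-endian uint32 length, then that many bytes)
 * starting at buf[*off]. malloc() happens only after both checks pass. */
static int read_ssh_string(const unsigned char *buf, size_t buflen, size_t *off,
                           size_t max_len, char **out, size_t *out_len) {
    if (buflen - *off < 4) return SSH_STR_TRUNCATED;
    const unsigned char *p = buf + *off;
    uint32_t len = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                   ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    /* Policy bound: the limit the bug report says mod_sftp was missing. */
    if (len > max_len) return SSH_STR_TOO_LONG;
    /* Framing bound: the declared length must fit in what was received. */
    if (len > buflen - *off - 4) return SSH_STR_TRUNCATED;
    char *s = malloc((size_t)len + 1);
    if (s == NULL) return SSH_STR_OOM;
    memcpy(s, p + 4, len);
    s[len] = '\0';
    *out = s; *out_len = len; *off += 4 + len;
    return SSH_STR_OK;
}

/* Parse one extension key/value pair; *key and *val are set only on success. */
static int read_extension_pair(const unsigned char *buf, size_t buflen,
                               char **key, char **val) {
    size_t off = 0, klen, vlen;
    int rc = read_ssh_string(buf, buflen, &off, SFTP_EXT_MAX_LEN, key, &klen);
    if (rc != SSH_STR_OK) return rc;
    rc = read_ssh_string(buf, buflen, &off, SFTP_EXT_MAX_LEN, val, &vlen);
    if (rc != SSH_STR_OK) { free(*key); *key = NULL; }
    return rc;
}

/* Constructed samples: a well-formed pair, a key claiming ~4 GiB, and a key
 * claiming 10 bytes while only 4 follow the length field. */
static const unsigned char GOOD_EXT[] = {
    0x00,0x00,0x00,0x18,'p','o','s','i','x','-','r','e','n','a','m','e','@',
    'o','p','e','n','s','s','h','.','c','o','m', 0x00,0x00,0x00,0x01,'1' };
static const unsigned char HUGE_EXT[]  = { 0xff,0xff,0xff,0xff,'a','b','c','d' };
static const unsigned char SHORT_EXT[] = { 0x00,0x00,0x00,0x0a,'a','b','c','d' };
```

With the cap in place the oversized sample is rejected before any allocation, so a client cannot force the server to reserve memory it never sends.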
Pushed proftpd-1.3.5a-r2 as: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0701a27f2fb7e5d820b9da4317ee99b655cfd468
"""
commit 0701a27f2fb7e5d820b9da4317ee99b655cfd468
Author: Sergei Trofimovich <slyfox@gentoo.org>
Date:   Tue Dec 1 22:22:50 2015 +0000

    net-ftp/proftpd: fix size limit of SFTP handshake, bug #567252

    Reported-by: Agostino Sarubbo
    Bug: https://bugs.gentoo.org/567252
    Bug: http://bugs.proftpd.org/4210
    Package-Manager: portage-2.2.25

 .../files/proftpd-1.3.5a-unbound-sftp-p1.patch |  70 ++++++
 .../files/proftpd-1.3.5a-unbound-sftp-p2.patch |  61 ++++++
 net-ftp/proftpd/proftpd-1.3.5a-r2.ebuild       | 240 +++++++++++++++++++++
 3 files changed, 371 insertions(+)
"""
Maintainer(s), please advise if you are ready for stabilization or call for stabilization yourself.
Arches, please stabilize =net-ftp/proftpd/proftpd-1.3.5a-r2 on the following targets: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 Thanks!
amd64 stable
Stable for HPPA PPC64.
ppc stable
arm stable
x86 stable
sparc stable
alpha stable
ia64 stable. Maintainer(s), please clean up. Security, please vote.
Dropped old vulnerable versions as: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=74586a24b5ed75931733b07d3b9d3aecedb6efb6
GLSA Vote: No. Thank you all for your work. Closing as [noglsa].