Summary: | net-ftp/gftp < 2.0.18-r6 uses vulnerable fsplib code (CVE-2007-3961, CVE-2007-3962) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matt Fleming (RETIRED) <mjf> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | gnome |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/26378/ | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Matt Fleming (RETIRED)
2007-08-09 18:08:13 UTC
CC'ing maintainer and setting whiteboard status. There is no patched version out, I looked on other distribution's bug databases and found...nothing. These are the security fixes between fsplib 0.8 and 0.9 http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.c?r1=1.17&r2=1.18 http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.c?r1=1.19&r2=1.20 http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.c?r1=1.20&r2=1.21 http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.c?r1=1.21&r2=1.22 http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.h?r1=1.12&r2=1.13 and a fix for that was in fsplib-0.8 which isn't in the gftp-2.0.18 (it is in CVS). http://fsp.cvs.sourceforge.net/fsp/fsplib/fsplib.c?r1=1.15&r2=1.16 Here's the changelog for 0.9 and 0.8 of fsplib, 0.9 Solaris compile fix by Brian Masney fix possible security hole if MAXNAMLEN>256 reported by Kalle Olavi Niemitalo add terminating \0 if directory entry is MAXNAMELEN long check if server sends ASCIIZ terminated filenames reported by Kalle Olavi Niemitalo fixed possible buffer overflow on systems not defining dirent.d_name long enough. Reported by Kalle Olavi Niemitalo 0.8 Security bugfix release off by one error, found by David Binderman https://bugzilla.novell.com/show_bug.cgi?id=150399 I've bumped to gftp-2.0.18-r6 with all of those fixes in. Thanks. Arches, please stabilize net-ftp/gftp-2.0.18-r6, targets are: "alpha amd64 ppc ppc64 sparc x86". x86 stable alpha stable ppc64 stable Marked stable on amd64. sparc stable ppc stable, ready for glsa glsa request filed. GLSA 200711-01, sorry for the delay. |