Some vulnerabilities have been reported in gFTP, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused due to the use of vulnerable fsplib code, which may allow the execution of arbitrary code.
CC'ing maintainer and setting whiteboard status.
There is no patched version out, I looked on other distribution's bug databases and found...nothing.
These are the security fixes between fsplib 0.8 and 0.9
and a fix for that was in fsplib-0.8 which isn't in the gftp-2.0.18 (it is in CVS).
Here's the changelog for 0.9 and 0.8 of fsplib,
Solaris compile fix by Brian Masney
fix possible security hole if MAXNAMLEN>256 reported by
Kalle Olavi Niemitalo
add terminating \0 if directory entry is MAXNAMELEN long
check if server sends ASCIIZ terminated filenames
reported by Kalle Olavi Niemitalo
fixed possible buffer overflow on systems not defining dirent.d_name
long enough. Reported by Kalle Olavi Niemitalo
Security bugfix release
off by one error, found by David Binderman
I've bumped to gftp-2.0.18-r6 with all of those fixes in.
Arches, please stabilize net-ftp/gftp-2.0.18-r6, targets are: "alpha amd64 ppc ppc64 sparc x86".
Marked stable on amd64.
ppc stable, ready for glsa
glsa request filed.
GLSA 200711-01, sorry for the delay.