Patches to address recent security issue via Gentoo:

http://secunia.com/advisories/16181/
2005-08-06 11:51:18 +00:00 · 2005-08-06 11:51:18 +00:00 · e37fc224e2
commit e37fc224e2
parent a80a8ae73b
3 changed files with 55 additions and 2 deletions
--- a/net/proftpd/Makefile
+++ b/net/proftpd/Makefile
@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2005/06/23 04:49:26 christos Exp $
+# $NetBSD: Makefile,v 1.24 2005/08/06 11:51:18 adrianp Exp $

 DISTNAME=	proftpd-1.2.10
-PKGREVISION=	3
+PKGREVISION=	4
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.proftpd.org/distrib/source/ \
 		ftp://ftp.servus.at/ProFTPD/distrib/source/ \
--- a/net/proftpd/patches/patch-ad
+++ b/net/proftpd/patches/patch-ad
@ -0,0 +1,13 @@
+$NetBSD: patch-ad,v 1.1 2005/08/06 11:51:18 adrianp Exp $
+
+--- src/response.c.orig	2005-08-06 12:20:27.000000000 +0100
+++ src/response.c
+@@ -169,7 +169,7 @@ void pr_response_send_async(const char *
+   buf[sizeof(buf) - 1] = '\0';
+   sstrcat(buf, "\r\n", sizeof(buf));
+ 
+-  RESPONSE_WRITE_STR_ASYNC(session.c->outstrm, buf, strlen(buf))
+  RESPONSE_WRITE_STR_ASYNC(session.c->outstrm, "%s", buf)
+ }
+ 
+ void pr_response_send(const char *resp_numeric, const char *fmt, ...) {
--- a/net/proftpd/patches/patch-ae
+++ b/net/proftpd/patches/patch-ae
@ -0,0 +1,40 @@
+$NetBSD: patch-ae,v 1.1 2005/08/06 11:51:18 adrianp Exp $
+
+--- contrib/mod_sql.c.orig	2004-08-03 01:44:31.000000000 +0100
+++ contrib/mod_sql.c
+@@ -2036,7 +2036,7 @@ MODRET info_master(cmd_rec *cmd) {
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
+      pr_response_add(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2110,7 +2110,7 @@ MODRET info_master(cmd_rec *cmd) {
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
+      pr_response_add(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2201,7 +2201,7 @@ MODRET errinfo_master(cmd_rec *cmd) {
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add_err( c->argv[0], outs);
+      pr_response_add_err(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2275,7 +2275,7 @@ MODRET errinfo_master(cmd_rec *cmd) {
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
+      pr_response_add(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+