Patches to address recent security issue via Gentoo:

http://secunia.com/advisories/16181/
author: adrianp <adrianp@pkgsrc.org> 2005-08-06 11:51:18 +0000
committer: adrianp <adrianp@pkgsrc.org> 2005-08-06 11:51:18 +0000
commit: e37fc224e219ebba71406dafb5cfc788f37ccff8 (patch)
tree: 54dc9cce301ff63005172ed67f1133354d97b3f7 /net
parent: a80a8ae73b42c6747e558f7554350f15c312c1f4 (diff)
download: pkgsrc-e37fc224e219ebba71406dafb5cfc788f37ccff8.tar.gz
3 files changed, 55 insertions, 2 deletions
diff --git a/net/proftpd/Makefile b/net/proftpd/Makefile
index ee8d8ced7d3..4d9736392db 100644
--- a/net/proftpd/Makefile
+++ b/net/proftpd/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2005/06/23 04:49:26 christos Exp $
+# $NetBSD: Makefile,v 1.24 2005/08/06 11:51:18 adrianp Exp $
 
 DISTNAME=	proftpd-1.2.10
-PKGREVISION=	3
+PKGREVISION=	4
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.proftpd.org/distrib/source/ \
 		ftp://ftp.servus.at/ProFTPD/distrib/source/ \
diff --git a/net/proftpd/patches/patch-ad b/net/proftpd/patches/patch-ad
new file mode 100644
index 00000000000..055c20e0a0a
--- /dev/null
+++ b/net/proftpd/patches/patch-ad
@@ -0,0 +1,13 @@
+$NetBSD: patch-ad,v 1.1 2005/08/06 11:51:18 adrianp Exp $
+
+--- src/response.c.orig	2005-08-06 12:20:27.000000000 +0100
++++ src/response.c
+@@ -169,7 +169,7 @@ void pr_response_send_async(const char *
+   buf[sizeof(buf) - 1] = '\0';
+   sstrcat(buf, "\r\n", sizeof(buf));
+ 
+-  RESPONSE_WRITE_STR_ASYNC(session.c->outstrm, buf, strlen(buf))
++  RESPONSE_WRITE_STR_ASYNC(session.c->outstrm, "%s", buf)
+ }
+ 
+ void pr_response_send(const char *resp_numeric, const char *fmt, ...) {
diff --git a/net/proftpd/patches/patch-ae b/net/proftpd/patches/patch-ae
new file mode 100644
index 00000000000..7c403dde31a
--- /dev/null
+++ b/net/proftpd/patches/patch-ae
@@ -0,0 +1,40 @@
+$NetBSD: patch-ae,v 1.1 2005/08/06 11:51:18 adrianp Exp $
+
+--- contrib/mod_sql.c.orig	2004-08-03 01:44:31.000000000 +0100
++++ contrib/mod_sql.c
+@@ -2036,7 +2036,7 @@ MODRET info_master(cmd_rec *cmd) {
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
++      pr_response_add(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2110,7 +2110,7 @@ MODRET info_master(cmd_rec *cmd) {
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
++      pr_response_add(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2201,7 +2201,7 @@ MODRET errinfo_master(cmd_rec *cmd) {
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add_err( c->argv[0], outs);
++      pr_response_add_err(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2275,7 +2275,7 @@ MODRET errinfo_master(cmd_rec *cmd) {
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
++      pr_response_add(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+
author	adrianp <adrianp@pkgsrc.org>	2005-08-06 11:51:18 +0000
committer	adrianp <adrianp@pkgsrc.org>	2005-08-06 11:51:18 +0000
commit	e37fc224e219ebba71406dafb5cfc788f37ccff8 (patch)
tree	54dc9cce301ff63005172ed67f1133354d97b3f7 /net
parent	a80a8ae73b42c6747e558f7554350f15c312c1f4 (diff)
download	pkgsrc-e37fc224e219ebba71406dafb5cfc788f37ccff8.tar.gz