Up to [cvs.NetBSD.org] / pkgsrc / net / tnftpd
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
tnftpd: update to 20231001. Changes in tnftpd from 20200704 to 20231001: Security fixes to improve error handling when switching UID/GID, and to prevent MLSD and MLST before authentication succeeds. Fix buffer overflows when counting users, and when authenticating using PAM.
net: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts...): net/radsecproxy/distinfo The following distfiles could not be fetched (fetched conditionally?): ./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz ./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch ./net/djbdns/distinfo djbdns-1.05-test28.diff.xz ./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch ./net/djbdns/distinfo djbdns-1.05-multiip.diff ./net/djbdns/distinfo djbdns-cachestats.patch
net: Remove SHA1 hashes for distfiles
tnftpd: Update to 20200704 Sat Jul 4 06:40:38 UTC 2020 lukem * Release as "tnftpd 20200704". * Change --with-blacklist to --with-blocklist and search for libblocklist first, falling back to the legacy libblacklist. * Update to NetBSD-ftpd 20200615: * Increase some buffer sizes. * Rename blacklist to blocklist.
tnftpd: Update to 20190602 Changes in tnftpd from 20130325 to 20190602: Security fixes to avoid resource exhaustion when globbing paths, traversing directories, or parsing numbers. Support NetBSD blacklistd(8). Add -f option to ftpd to stay in foreground with -D.
Add SHA512 digests for distfiles for net category Problems found with existing digests: Package haproxy distfile haproxy-1.5.14.tar.gz 159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package bsddip: missing distfile bsddip-1.02.tar.Z Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2 Package djbdns: missing distfile djbdns-cachestats.patch Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch Package gated: missing distfile gated-3-5-11.tar.gz Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz Package poink: missing distfile poink-1.6.tar.gz Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch Package waste: missing distfile waste-source.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Security fix to tnftpd, to bring the version to 20130325. Differences from previous 20100324 version: Mon Mar 25 03:51:20 UTC 2013 lukem * Fix incorrect use of test(1) in configure. Fri Mar 22 09:00:00 UTC 2013 lukem * Release as "tnftpd 20130322" * Update build framekwork to autoconf 2.69, automake 1.11.1, libtool 2.4.2. * Replace glob with newer copy from NetBSD that does not suffer from DoS exhaustion attacks. Fix in NetBSD from Maksymilian Arciemowicz. See CVE-2010-2632 * Update to NetBSD-ftpd 20130321: * Fix warnings and build issues * Fix memcpy usage * Fix remote crash (fix was already pulled up manually to tnftpd 20100324). PR/43023 from Bruce Cran. * Reduce priority of syslog message if getpeername returns ENOTCONN. PR/18934 from Greg A Woods. pkgsrc changes - use pkgsrc libtool and add LICENSE
Update to tnftpd-20100324: Security fix when globbing paths. Install example configuration files.
Update tnftpd to 20091122: * Security fixes for fts in the internal ls. Received from OpenBSD via US-CERT as VU #590371. * Portability improvements. * Add support for Tru64 Security Integration Architecture (SIA) authentication. * Fix shadow password expiry check for users with large sp_max values.
Pullup ticket #2549 - requested by lukem tnftpd: security update Revisions pulled up: - net/tnftpd/Makefile 1.18 - net/tnftpd/PLIST 1.3 - net/tnftpd/distinfo 1.10 - net/tnftpd/options.mk 1.2 - net/tnftpd/patches/patch-aa delete --- Module Name: pkgsrc Committed By: lukem Date: Thu Oct 9 04:14:29 UTC 2008 Modified Files: pkgsrc/net/tnftpd: Makefile PLIST distinfo options.mk Removed Files: pkgsrc/net/tnftpd/patches: patch-aa Log Message: Update to tnftpd 20081009. Notable changes since 20061217: * Don't split large commands into multiple commands; just fail on them. This prevents cross-site request forgery (CSRF)-like attacks, when a web browser is used to access an ftp server. * Enhance -C to support an optional @host ('-C user[@host]'): checks whether user as connecting from host would be granted access by ftpusers(5). * Support IPv6 in the host directive of ftpusers(5). * Implement -n to disable hostname lookups. * Disable SOCKS support; I don't have the ability to test it, and the autoconf checks were very out of date. * Add configure --with-pam to enable PAM authentication support. Defaults to checking for PAM. * Add configure --with-skey to enable S/Key authentication support. Incompatible with --with-pam, defaults to no. * Fix pathnames in the installed manual pages to contain the appropriate $(prefix) substitution. * Use fcntl(3) locking instead of flock(3) or lockf(3). * Various other portability improvements.
Update to tnftpd 20081009. Notable changes since 20061217: * Don't split large commands into multiple commands; just fail on them. This prevents cross-site request forgery (CSRF)-like attacks, when a web browser is used to access an ftp server. * Enhance -C to support an optional @host ('-C user[@host]'): checks whether user as connecting from host would be granted access by ftpusers(5). * Support IPv6 in the host directive of ftpusers(5). * Implement -n to disable hostname lookups. * Disable SOCKS support; I don't have the ability to test it, and the autoconf checks were very out of date. * Add configure --with-pam to enable PAM authentication support. Defaults to checking for PAM. * Add configure --with-skey to enable S/Key authentication support. Incompatible with --with-pam, defaults to no. * Fix pathnames in the installed manual pages to contain the appropriate $(prefix) substitution. * Use fcntl(3) locking instead of flock(3) or lockf(3). * Various other portability improvements.
Fix build on systems which have pw_change but not _PASSWORD_CHGNOW.
Update to version 20061217. requested by <martin> Changes: 20061217: ========= - Portability fix: provide a replacement daemon(3) if necessary. 20061204: ========= - Fix buffer overflow in local version of glob(3). (already fixed in pkgsrc) - Implement -D to run as a stand-alone daemon. - Add ftpd.conf(5) options: hidesymlinks recvbufsize - Enforce account expiration, and support shadow password aging where appropriate. - Return 450 instead of 550 upon NLST error. - Portability fixes and improvements.
Pullup ticket 1949 - requested by wiz security fix for tnftpd Revisions pulled up: - pkgsrc/net/tnftpd/Makefile 1.15 - pkgsrc/net/tnftpd/distinfo 1.7 - pkgsrc/net/tnftpd/patches/patch-aa 1.3 Module Name: pkgsrc Committed By: adrianp Date: Sat Dec 2 23:00:05 UTC 2006 Modified Files: pkgsrc/net/tnftpd: Makefile distinfo Added Files: pkgsrc/net/tnftpd/patches: patch-aa Log Message: Add a patch for: http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html Bumb to nb1
Add a patch for: http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html Bumb to nb1
Add RMD160 digests.
Update to tnftpd 20040810. Notable changes: * remove use of setjmp/longjmp * improve safety of signal handlers * fix minor memory leaks * improve portability to BSD/OS 3.0
incorporate patch from othersrc/libexec/tnftpd to honour --sysconfdir (will be included in the next release) and make the package honour PKG_SYSCONFDIR. use CONF_FILES to install the sample configuration ftpd.conf and ftpusers. bump PKGREVISION, as the default configuration file location has changed to ${PKG_SYSCONFDIR}. set PKG_SYSCONFDIR.tnftpd=/etc to get the previous behaviour.
Update tnftpd to 20031217. Notable changes: * Improved portability to Tru64, IRIX, and other LP64 platforms. (Inbuilt ls works on IRIX now. Thanks to Onno van der Linden for highlighting the underlying issue!) * License updates on third party code. * Update fts(3) code to include fix for possible race condition.
Update to tnftpd 20031210. Notable changes: * portability fixes for Darwin/Tru64. * license updates * version format change
tnftpd - The NetBSD FTP Daemon. (replaces lukemftpd)
Initial revision