Add a PATCH_FILE to close a security hole in wu-ftpd.

Quoted from wu-ftpd group's accouncement: Due to insufficient bounds checking on directory name lengths which can be supplied by users, it is possible to overwrite the static memory space of the wu-ftpd daemon while it is executing under certain configurations. By having the ability to create directories and supplying carefully designed directory names to the wu-ftpd, users may gain privileged access. PR: 13475 Submitted by: jack@germanium.xtalwind.net
author: Chris Piazza <cpiazza@FreeBSD.org> 1999-08-30 19:14:07 +0000
committer: Chris Piazza <cpiazza@FreeBSD.org> 1999-08-30 19:14:07 +0000
commit: 58ca2806f3504fbc6fb341a28d0adfa9503f72a9 (patch)
tree: d22f266e7f50c04b645bd84bb80673d1a37ad11d /ftp/wu-ftpd+ipv6
parent: 0026d832e3b05eee91618ce12b019166cf6b4ecb (diff)
2 files changed, 4 insertions, 0 deletions
diff --git a/ftp/wu-ftpd+ipv6/Makefile b/ftp/wu-ftpd+ipv6/Makefile
index 20940b692a64..7ca3f872b7d3 100644
--- a/ftp/wu-ftpd+ipv6/Makefile
+++ b/ftp/wu-ftpd+ipv6/Makefile
@@ -12,6 +12,9 @@ DISTNAME=       wu-ftpd-2.5.0
 CATEGORIES=	ftp
 MASTER_SITES=   ftp://ftp.vr.net/pub/wu-ftpd/wu-ftpd/
 
+PATCH_SITES=	ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/
+PATCHFILES=	mapped.path.overrun.patch
+
 MAINTAINER=     ache@FreeBSD.org
 
 Y2K=		http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html#QA35
diff --git a/ftp/wu-ftpd+ipv6/distinfo b/ftp/wu-ftpd+ipv6/distinfo
index 213f7f23a0d8..0a187286a77d 100644
--- a/ftp/wu-ftpd+ipv6/distinfo
+++ b/ftp/wu-ftpd+ipv6/distinfo
@@ -1 +1,2 @@
 MD5 (wu-ftpd-2.5.0.tar.gz) = 98f9c8490e0d1ca2c3c57e60e65803b7
+MD5 (mapped.path.overrun.patch) = b01b65652eb3816f0ab11971ac52424d
author	Chris Piazza <cpiazza@FreeBSD.org>	1999-08-30 19:14:07 +0000
committer	Chris Piazza <cpiazza@FreeBSD.org>	1999-08-30 19:14:07 +0000
commit	58ca2806f3504fbc6fb341a28d0adfa9503f72a9 (patch)
tree	d22f266e7f50c04b645bd84bb80673d1a37ad11d /ftp/wu-ftpd+ipv6
parent	0026d832e3b05eee91618ce12b019166cf6b4ecb (diff)