Subject: Re: CVS commit: pkgsrc
To: None <Thilo.Manske@HEH.Uni-Oldenburg.DE>
From: Rene Hexel <>
List: source-changes
Date: 02/14/1999 09:44:41
In article <>,
	Thilo Manske <Thilo.Manske@HEH.Uni-Oldenburg.DE> writes:

> Does this fix those buffer overflows as described in CERT Advisory
> CA-99.03?

  It does -- or at least it should.  It incorporates the patch
RedHat made to its linux version of wu-ftpd.  However, I just
read a message on bugtraq that some buffer overflow vulnerability
still remains with that fix.

  I just performed a few tests, and yes, it seems like some holes
still remain.  I'll investigate the source code and see whether I
can come up with a fix ...