[src/netbsd-3-0]: src/doc tickets 1958-1964

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/netbsd-3-0]: src/doc tickets 1958-1964
From: bouyer <bouyer%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 17:02:22 +0000

details:   https://anonhg.NetBSD.org/src/rev/60153ba08ce8
branches:  netbsd-3-0
changeset: 579505:60153ba08ce8
user:      bouyer <bouyer%NetBSD.org@localhost>
date:      Thu Sep 18 19:31:50 2008 +0000

description:
tickets 1958-1964

diffstat:

 doc/CHANGES-3.0.4 |  51 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 50 insertions(+), 1 deletions(-)

diffs (62 lines):

diff -r 1e24b4a3e16d -r 60153ba08ce8 doc/CHANGES-3.0.4
--- a/doc/CHANGES-3.0.4 Thu Sep 18 19:28:40 2008 +0000
+++ b/doc/CHANGES-3.0.4 Thu Sep 18 19:31:50 2008 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: CHANGES-3.0.4,v 1.1.2.31 2008/08/29 20:39:26 bouyer Exp $
+#      $NetBSD: CHANGES-3.0.4,v 1.1.2.32 2008/09/18 19:31:50 bouyer Exp $
 
 A complete list of changes from the NetBSD 3.0.3 release to the NetBSD 3.0.4
 release:
@@ -1126,3 +1126,52 @@
        Missing "\n" in log(9) messages.
        [uebayasi, ticket #1956]
 
+libexec/ftpd/ftpd.c                            1.169
+
+       logxfer(): don't use the same buffer to store the results of two
+       separate concurrent realpath(3)s, otherwise we'll log the wrong
+       information for a rename.
+       [lukem, ticket #1958]
+
+libexec/ftpd/ftpd.c                            1.170
+
+       NLST should return 450 instead of 550 upon error, per RFC 959.
+       [lukem, ticket #1959]
+
+libexec/ftpd/ftpd.c                            1.173
+
+       Make sure that "su" is initialized before dereferencing it.
+       Fixes Coverity CID 1075.
+       [lukem, ticket #1960]
+
+libexec/ftpd/ftpd.c                            1.174
+
+       Set file to NULL after calling fclose().
+       Fixes Coverity CID 2669.
+       [lukem, ticket #1961]
+
+libexec/ftpd/ftpd.c                            1.175
+
+       Remove unreachable code (res could never be NULL here).
+       Fixes Coverity CID 712.
+       [lukem, ticket #1962]
+
+libexec/ftpd/ftpd.c                            1.179
+
+       PR/35449: Shigeya Suzuki: ftpd does not register socket address
+       into PAM
+       [lukem, ticket #1963]
+
+libexec/ftpd/extern.h                          1.58 via patch
+libexec/ftpd/ftpcmd.y                          1.88 via patch
+libexec/ftpd/ftpd.c                            1.187 via patch
+libexec/ftpd/version.h                         patch
+
+       Don't split large commands into multiple commands; just fail on them.
+       This prevents CSRF-like attacks, when a web browser is used to access
+       an ftp server.
+       Reported by Maksymilian Arciemowicz <cxib%securityreason.com@localhost>.
+       Fix mostly derived from OpenBSD, written by
+       Moritz Jodeit <moritz%OpenBSD.org@localhost>
+       [lukem, ticket #1964]
+

Prev by Date: [src/netbsd-3-0]: src/libexec/ftpd Pull up following revision(s) (requested b...
Next by Date: [src/netbsd-3-0]: src/gnu/dist/toolchain/gcc/f Apply patch, requested by mhit...
Previous by Thread: [src/netbsd-3-0]: src/libexec/ftpd Pull up following revision(s) (requested b...
Next by Thread: [src/netbsd-3-0]: src/gnu/dist/toolchain/gcc/f Apply patch, requested by mhit...
Indexes:

Home | Main Index | Thread Index | Old Index