source-changes: Re: CVS commit: pkgsrc [root exploit on wu-ftpd]

Subject: Re: CVS commit: pkgsrc [root exploit on wu-ftpd]
To: None <security@netbsd.org, source-changes@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: source-changes
Date: 07/09/2000 13:03:39

[ On Saturday, July 8, 2000 at 15:59:03 (-0400), Johnny C. Lam wrote: ]
> Subject: Re: CVS commit: pkgsrc [root exploit on wu-ftpd]
>
> Rene Hexel <rh@netbsd.org> writes:
> > Log Message:
> > Update wu-ftpd to 2.6.1
> > 
> > Changes to 2.6.0 include:
> >  o  Fix security leaks that could result in a root shell compromise.
> 
> Shouldn't there be some security advisory noting this for pkgsrc users?

Especially given that NetBSD was not mentioned in the initial CERT
advisory of this issue.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>