[SCM] proftpd-dfsg branch, debian/1.3.3, updated. debian/1.3.3a-6-31-g36c2078
Francesco Paolo Lovergine
frankie at debian.org
Mon Mar 21 22:12:03 UTC 2011
The following commit has been merged in the debian/1.3.3 branch:
commit 36c2078d17b3a8276e1f4dc5240d7057b8ca5831
Author: Francesco Paolo Lovergine <frankie at debian.org>
Date: Mon Mar 21 22:53:18 2011 +0100
Fixed #3624 for urgent release
diff --git a/debian/changelog b/debian/changelog
index cab363d..d68db71 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+proftpd-dfsg (1.3.3d-7) unstable; urgency=low
+
+ * [SECURITY] new patch debian/patches/3624: this patch fixes the issue by
+ causing mod_tls to clear the buffers of any data received from the client,
+ once the SSL/TLS handshake has succeeded.
+
+ -- Francesco Paolo Lovergine <frankie at debian.org> Mon, 21 Mar 2011 22:48:51 +0100
+
proftpd-dfsg (1.3.3d-6) unstable; urgency=low
* Moved ftp user home to /srv/ftp as used by other ftp servers.
diff --git a/debian/patches/3624 b/debian/patches/3624
new file mode 100644
index 0000000..41e1fab
--- /dev/null
+++ b/debian/patches/3624
@@ -0,0 +1,43 @@
+Index: git/contrib/mod_tls.c
+===================================================================
+--- git.orig/contrib/mod_tls.c 2011-03-21 22:48:26.000000000 +0100
++++ git/contrib/mod_tls.c 2011-03-21 22:52:10.000000000 +0100
+@@ -61,7 +61,7 @@
+ # include <sys/mman.h>
+ #endif
+
+-#define MOD_TLS_VERSION "mod_tls/2.4.1"
++#define MOD_TLS_VERSION "mod_tls/2.4.2"
+
+ /* Make sure the version of proftpd is as necessary. */
+ #if PROFTPD_VERSION_NUMBER < 0x0001021001
+@@ -2758,11 +2758,29 @@
+
+ /* Stash the SSL object in the pointers of the correct NetIO streams. */
+ if (conn == session.c) {
++ pr_buffer_t *strm_buf;
++
+ ctrl_ssl = ssl;
+ tls_ctrl_rd_nstrm->strm_data = tls_ctrl_wr_nstrm->strm_data = (void *) ssl;
+
++ /* Clear any data from the NetIO stream buffers which may have been read
++ * in before the SSL/TLS handshake occurred (Bug#3624).
++ */
++ strm_buf = tls_ctrl_rd_nstrm->strm_buf;
++ strm_buf->current = NULL;
++ strm_buf->remaining = strm_buf->buflen;
++
+ } else if (conn == session.d) {
++ pr_buffer_t *strm_buf;
++
+ tls_data_rd_nstrm->strm_data = tls_data_wr_nstrm->strm_data = (void *) ssl;
++
++ /* Clear any data from the NetIO stream buffers which may have been read
++ * in before the SSL/TLS handshake occurred (Bug#3624).
++ */
++ strm_buf = tls_data_rd_nstrm->strm_buf;
++ strm_buf->current = NULL;
++ strm_buf->remaining = strm_buf->buflen;
+ }
+
+ #if OPENSSL_VERSION_NUMBER == 0x009080cfL
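Review bot: Both new blocks dereference `strm_buf` unchecked, at `strm_buf->current = NULL` in the `session.c` branch and again in the `session.d` branch; unless every NetIO stream is guaranteed a buffer from the moment it is opened (not verifiable from this hunk), a data connection that has never been read before the handshake would crash here, so guard it: `if (strm_buf != NULL) { strm_buf->current = NULL; strm_buf->remaining = strm_buf->buflen; }`. The reset only rewinds the read cursor, so the pre-handshake plaintext stays in the backing array until it is overwritten; that is sufficient to stop it from being consumed as a post-handshake command, but the comment should say so explicitly, e.g. `/* Only the cursor is reset; the stale bytes are overwritten by the next read. */`. The same three lines are duplicated in both branches, and a small static helper taking the read stream would keep them from drifting apart. The enclosing handshake function that contains this `if (conn == session.c)` chain starts and ends outside the hunk.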
diff --git a/debian/patches/series b/debian/patches/series
index 5731575..a2dff75 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -13,3 +13,4 @@ prxs
silent
CVE-2011-1137
use_hypen_in_manpage.patch
+3624