[Git][debian-proftpd-team/proftpd][master] 2 commits: Patch for Bug#952557

Hilmar Preuße gitlab at salsa.debian.org
Thu Feb 27 19:32:01 GMT 2020 


Hilmar Preuße pushed to branch master at Debian ProFTPD Team / proftpd


Commits:
0d66b7b7 by Hilmar Preusse at 2020-02-27T20:31:19+01:00
Patch for Bug#952557

- - - - -
ac2b203f by Hilmar Preusse at 2020-02-27T20:31:31+01:00
Patch for Bug#952557

- - - - -


3 changed files:

- debian/changelog
- + debian/patches/cd9036f4ef7a05c107f0ffcb19a018b20267c531.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,11 @@
+proftpd-dfsg (1.3.6c-2) UNRELEASED; urgency=medium
+
+  * Add patch from upstream as follow up for CVE-2020-9273
+    cd9036f4ef7a05c107f0ffcb19a018b20267c531.patch
+    (Closes: #952557)
+
+ -- Hilmar Preusse <hille42 at web.de>  Thu, 27 Feb 2020 20:15:25 +0100
+
 proftpd-dfsg (1.3.6c-1) unstable; urgency=medium
 
   * New upstream version.


=====================================
debian/patches/cd9036f4ef7a05c107f0ffcb19a018b20267c531.patch
=====================================
@@ -0,0 +1,24 @@
+From cd9036f4ef7a05c107f0ffcb19a018b20267c531 Mon Sep 17 00:00:00 2001
+From: TJ Saunders <tj at castaglia.org>
+Date: Sat, 22 Feb 2020 09:40:32 -0800
+Subject: [PATCH] Issue #903: We want to remove the data transfer command pool,
+ but we _do_ want some memory pool, lest we regress the %{transfer-status}
+ LogFormat functionality.
+
+---
+ src/data.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/data.c b/src/data.c
+index 6ef6d420e..e7b03e231 100644
+--- a/src/data.c
++++ b/src/data.c
+@@ -897,7 +897,7 @@ void pr_data_abort(int err, int quiet) {
+     /* Forcibly clear the data-transfer instigating command pool from the
+      * Response API.
+      */
+-    pr_response_set_pool(NULL);
++    pr_response_set_pool(session.pool);
+   }
+ 
+   if (true_abort) {


=====================================
debian/patches/series
=====================================
@@ -22,3 +22,4 @@ wrong-path-for-interpreter_perl.diff
 # issue_846_CVE-2019-18217.diff
 # upstream_pull_859_861_CVE-2019-19270_CVE-2019-19269
 # upstream_4385
+cd9036f4ef7a05c107f0ffcb19a018b20267c531.patch



View it on GitLab: https://salsa.debian.org/debian-proftpd-team/proftpd/-/compare/14e40fdf1af5ef190a1293c792c331b27314bad5...ac2b203fd740d07ce59129d9f596c60963017e95

-- 
View it on GitLab: https://salsa.debian.org/debian-proftpd-team/proftpd/-/compare/14e40fdf1af5ef190a1293c792c331b27314bad5...ac2b203fd740d07ce59129d9f596c60963017e95
You're receiving this email because of your account on salsa.debian.org.

More information about the Pkg-proftpd-maintainers mailing list