[Git][debian-proftpd-team/proftpd][master] 2 commits: Patch for Bug#952557
Hilmar Preuße
gitlab at salsa.debian.org
Thu Feb 27 19:32:01 GMT 2020
Hilmar Preuße pushed to branch master at Debian ProFTPD Team / proftpd
Commits:
0d66b7b7 by Hilmar Preusse at 2020-02-27T20:31:19+01:00
Patch for Bug#952557
- - - - -
ac2b203f by Hilmar Preusse at 2020-02-27T20:31:31+01:00
Patch for Bug#952557
- - - - -
3 changed files:
- debian/changelog
- + debian/patches/cd9036f4ef7a05c107f0ffcb19a018b20267c531.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,11 @@
+proftpd-dfsg (1.3.6c-2) UNRELEASED; urgency=medium
+
+ * Add patch from upstream as follow up for CVE-2020-9273
+ cd9036f4ef7a05c107f0ffcb19a018b20267c531.patch
+ (Closes: #952557)
+
+ -- Hilmar Preusse <hille42 at web.de> Thu, 27 Feb 2020 20:15:25 +0100
+
proftpd-dfsg (1.3.6c-1) unstable; urgency=medium
* New upstream version.
=====================================
debian/patches/cd9036f4ef7a05c107f0ffcb19a018b20267c531.patch
=====================================
@@ -0,0 +1,24 @@
+From cd9036f4ef7a05c107f0ffcb19a018b20267c531 Mon Sep 17 00:00:00 2001
+From: TJ Saunders <tj at castaglia.org>
+Date: Sat, 22 Feb 2020 09:40:32 -0800
+Subject: [PATCH] Issue #903: We want to remove the data transfer command pool,
+ but we _do_ want some memory pool, lest we regress the %{transfer-status}
+ LogFormat functionality.
+
+---
+ src/data.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/data.c b/src/data.c
+index 6ef6d420e..e7b03e231 100644
+--- a/src/data.c
++++ b/src/data.c
+@@ -897,7 +897,7 @@ void pr_data_abort(int err, int quiet) {
+ /* Forcibly clear the data-transfer instigating command pool from the
+ * Response API.
+ */
+- pr_response_set_pool(NULL);
++ pr_response_set_pool(session.pool);
+ }
+
+ if (true_abort) {
=====================================
debian/patches/series
=====================================
@@ -22,3 +22,4 @@ wrong-path-for-interpreter_perl.diff
# issue_846_CVE-2019-18217.diff
# upstream_pull_859_861_CVE-2019-19270_CVE-2019-19269
# upstream_4385
+cd9036f4ef7a05c107f0ffcb19a018b20267c531.patch
View it on GitLab: https://salsa.debian.org/debian-proftpd-team/proftpd/-/compare/14e40fdf1af5ef190a1293c792c331b27314bad5...ac2b203fd740d07ce59129d9f596c60963017e95
--
View it on GitLab: https://salsa.debian.org/debian-proftpd-team/proftpd/-/compare/14e40fdf1af5ef190a1293c792c331b27314bad5...ac2b203fd740d07ce59129d9f596c60963017e95
You're receiving this email because of your account on salsa.debian.org.
More information about the Pkg-proftpd-maintainers
mailing list