--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2005-152908 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152908 2005-05-05 --------------------------------------------------------------------- Name : gftp Versions : rh7.3: gftp-2.0.11-2.2.legacy Versions : rh9: gftp-2.0.14-2.2.legacy Versions : fc1: gftp-2.0.17-0.FC1.1.legacy Summary : A multi-threaded FTP client for the X Window System. Description : gFTP is a multi-threaded FTP client for the X Window System. gFTP supports simultaneous downloads, resumption of interrupted file transfers, file transfer queues to allow downloading of multiple files, support for downloading entire directories/subdirectories, a bookmarks menu to allow quick connection to FTP sites, caching of remote directory listings, local and remote chmod, drag and drop, a connection manager, and much more. --------------------------------------------------------------------- Update Information: Updated gftp packages that fix a security issue are now available. gFTP is a multi-threaded FTP client for the X Window System. A directory traversal vulnerability was discovered in gftp. A remote malicious FTP server could read, overwrite or create arbitrary files via .. (dot dot) sequences in the filenames returned from a LIST command. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0372 to this issue. Users of gftp are advised to upgrade to these errata packages, which contain a backported patch correcting this issue. --------------------------------------------------------------------- Changelogs rh73: * Thu May 05 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.0.11-2.2.legacy - Added missing glib-devel and gtk+-devel to BuildRequires * Wed Mar 09 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.0.11-2.1.legacy - Added security patch for CAN-2005-0372 rh9: * Thu May 05 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.0.14-2.2.legacy - Added missing glib-devel, gtk2-devel, desktop-file-utils, ncurses-devel and readline-devel BuildRequires * Wed Mar 09 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.0.14-2.1.legacy - Added security patch for CAN-2005-0372 fc1: * Wed Mar 09 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 2.0.17-0.FC1.1.legacy - Added security patch for CAN-2005-0372 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh7.3: 49e794d3f8b144e55560c79960cedc487d737bb6 redhat/7.3/updates-testing/i386/gftp-2.0.11-2.2.legacy.i386.rpm 428080cb2efba4e5ad3df31150fc244f13f6b02c redhat/7.3/updates-testing/SRPMS/gftp-2.0.11-2.2.legacy.src.rpm rh9: 3c1812e77892b5a00167a3894983398dc467e262 redhat/9/updates-testing/i386/gftp-2.0.14-2.2.legacy.i386.rpm ddf0ebe73fa8410ac213f6141ca97b3b75e34d5f redhat/9/updates-testing/SRPMS/gftp-2.0.14-2.2.legacy.src.rpm fc1: 93823674913c4796c06d8f4e37895e3573ea17fe fedora/1/updates-testing/i386/gftp-2.0.17-0.FC1.1.legacy.i386.rpm 6d5276c8e90ebf111e907e04602fac5e45624737 fedora/1/updates-testing/SRPMS/gftp-2.0.17-0.FC1.1.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
