Control: tags 1058796 + patch Control: tags 1058796 + pending -- Dear maintainer,
I've prepared an NMU for pure-ftpd (versioned as 1.0.50-2.2) and uploaded it to DELAYED/10. Please feel free to tell me if I should delay it longer. -- Regards Sudip diff -Nru pure-ftpd-1.0.50/debian/changelog pure-ftpd-1.0.50/debian/changelog --- pure-ftpd-1.0.50/debian/changelog 2022-01-31 18:42:16.000000000 +0000 +++ pure-ftpd-1.0.50/debian/changelog 2024-01-11 19:40:01.000000000 +0000 @@ -1,3 +1,11 @@ +pure-ftpd (1.0.50-2.2) unstable; urgency=medium + + * Non-maintainer upload. + * Apply upstream patch to fix segfault by parsing + port number properly. (Closes: #1058796) + + -- Sudip Mukherjee <sudipm.mukher...@gmail.com> Thu, 11 Jan 2024 19:40:01 +0000 + pure-ftpd (1.0.50-2.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru pure-ftpd-1.0.50/debian/patches/fix-port.patch pure-ftpd-1.0.50/debian/patches/fix-port.patch --- pure-ftpd-1.0.50/debian/patches/fix-port.patch 1970-01-01 01:00:00.000000000 +0100 +++ pure-ftpd-1.0.50/debian/patches/fix-port.patch 2024-01-11 19:39:57.000000000 +0000 @@ -0,0 +1,45 @@ +From c3f0f3c91d86939e6fabf5f65c6c6fc964e6032e Mon Sep 17 00:00:00 2001 +From: Frank Denis <git...@pureftpd.org> +Date: Thu, 20 Jan 2022 19:54:27 +0100 +Subject: [PATCH] PostgreSQL: don't escape the port number in the connection string + +It's already an integer, not a string. + +Reported by Artyom Davidov, thanks! + +Origin: upstream, https://github.com/jedisct1/pure-ftpd/commit/c3f0f3c91d86939e6fabf5f65c6c6fc964e6032e +Bug-Debian: https://bugs.debian.org/1058796 +Last-Update: 2024-01-11 +--- + src/log_pgsql.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/src/log_pgsql.c b/src/log_pgsql.c +index 875b71f..bb08c3b 100644 +--- a/src/log_pgsql.c ++++ b/src/log_pgsql.c +@@ -278,7 +278,6 @@ static int pw_pgsql_connect(PGconn ** const id_sql_server) + *id_sql_server = NULL; + + if ((escaped_server = pw_pgsql_escape_conninfo(server)) == NULL || +- (escaped_port = pw_pgsql_escape_conninfo(port)) == NULL || + (escaped_db = pw_pgsql_escape_conninfo(db)) == NULL || + (escaped_user = pw_pgsql_escape_conninfo(user)) == NULL || + (escaped_pw = pw_pgsql_escape_conninfo(pw)) == NULL) { +@@ -296,7 +295,7 @@ static int pw_pgsql_connect(PGconn ** const id_sql_server) + } + if (SNCHECK(snprintf(conninfo, sizeof_conninfo, + PGSQL_CONNECT_FMTSTRING, +- escaped_server, escaped_port, escaped_db, ++ escaped_server, port, escaped_db, + escaped_user, escaped_pw), sizeof_conninfo)) { + goto bye; + } +@@ -314,7 +313,6 @@ static int pw_pgsql_connect(PGconn ** const id_sql_server) + bye: + free(conninfo); + free(escaped_server); +- free(escaped_port); + free(escaped_db); + free(escaped_user); + free(escaped_pw); diff -Nru pure-ftpd-1.0.50/debian/patches/series pure-ftpd-1.0.50/debian/patches/series --- pure-ftpd-1.0.50/debian/patches/series 2022-01-31 18:42:16.000000000 +0000 +++ pure-ftpd-1.0.50/debian/patches/series 2024-01-11 17:25:32.000000000 +0000 @@ -1 +1,2 @@ maria-db-cross.diff +fix-port.patch