so i've done some investigating. wu-ftpd-2.6.0-security.patch is indeed
the functional equivalent of lreply-buffer-overflow.patch, which addresses
the exploit for wu-ftpd that was published on june 22, 2000. this appears
to be the only major security problem and fix since october of 1999. see
http://www.wu-ftpd.org/ for more info.
so the rpm from 5.2 updates i'm guessing is secure from this
vulnerability, just as the rpm from 6.2 updates, and the rpms from 7.0.
in fact, for more info, the 5.2 update and the 6.2 update for wu-ftpd were
both released on the same day (june 23, 2000) and addressed this same
issue. respective page:
http://www.redhat.com/support/errata/RHSA-2000-039-02.html
guess i should've just checked that stuff in the first place.
anyway, thanks all for your suggestions and other info.
-tcl.
On Fri, 19 Jan 2001, tc lewis wrote:
>
> again, not trying to be antagonistic, just convey that i'm looking for
> certain information.
>
> obviously no one is obligated to answer my questions here.
>
> -tcl.
>
>
> On Fri, 19 Jan 2001, RaghuNath L wrote:
>
> > Hello Lewis,
> >
> >
> > No body whether it's Tom or Dick are not oblized to give you a solution when ever
> > you wan't
> >
> > please be soft in your addressing to other person , this not stage for testing any
> > bodies skill's .
> >
> >
> > tc lewis wrote:
> >
> > > you're still not adressing my question, so i'm assuming you don't know,
> > > and that's fine. i'm not really looking for recommendations. i'm looking
> > > for an answer as to whether that's the patch to prevent this vulnerability
> > > or not. i'm not concerned with the worm's date/banner checking thing, i'm
> > > concerned about the vulnerability itself. i'm fully aware of general
> > > upgrade vs non-upgrade issues and redhat's issues overall. heh.
> > >
> > > not trying to be antagonistic, just trying to get the info about that
> > > patch vs the vulnerability.
> > >
> >
> > --
> > Regards ph:5099025
> > RaghuNath L pager:9624395369
> > WSS-Team,Texas Instruments.
> > You have to live on the edge of reality -
> > to make your dreams come true!!!
> >
> >
> >
> >
> >
> > _______________________________________________
> > Redhat-list mailing list
> > [EMAIL PROTECTED]
> > https://listman.redhat.com/mailman/listinfo/redhat-list
> >
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
>
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
