CVS commit: othersrc/libexec/tnftpd

[Luke Mewburn]

Module Name:    othersrc
Committed By:   lukem
Date:           Tue Jan 29 23:14:48 UTC 2019

Modified Files:
        othersrc/libexec/tnftpd: ChangeLog

Log Message:
changes so far this year


To generate a diff of this commit:
cvs rdiff -u -r1.60 -r1.61 othersrc/libexec/tnftpd/ChangeLog

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: othersrc/libexec/tnftpd/ChangeLog
diff -u othersrc/libexec/tnftpd/ChangeLog:1.60 othersrc/libexec/tnftpd/ChangeLog:1.61
--- othersrc/libexec/tnftpd/ChangeLog:1.60	Mon Mar 25 04:29:01 2013
+++ othersrc/libexec/tnftpd/ChangeLog	Tue Jan 29 23:14:48 2019
@@ -1,4 +1,46 @@
-$NetBSD: ChangeLog,v 1.60 2013/03/25 04:29:01 lukem Exp $
+$NetBSD: ChangeLog,v 1.61 2019/01/29 23:14:48 lukem Exp $
+
+
+Tue Jan 29 23:12:52 UTC 2019	lukem
+
+	* Limit fnmatch(), fts(),  strsuftollx() recursion to avoid
+	  DoS attacks. From Maksymilian Arciemowicz.
+
+	* Improve glob():
+		* Switch from a recursive pattern matching algorithm to handle
+		  '*' to a backtracking one. Avoids DoS attacks with patterns
+		  "a*a*a*a*a*...b" matching against "aaaaaaaaaaaa...".
+		  See https://research.swtch.com/glob
+		* Bump the glob limits to 512KB for total string size and 64KB
+		  path entries. The old limits were too small for some
+		  important FTP use cases like a pkgsrc repository.
+
+	* Add --with-blacklist to enable support for NetBSD blacklist daemon.
+
+	* Save struct passwd.pw_class if it exists. Inspired by FreeBSD.
+
+	* Sync libnetbsd replacements with NetBSD:
+		* ANSI C, coding, style, copyright improvements.
+		* Fix fparseln() parsing issues.
+		* Fix fts() error handling issues.
+		* Improve strmode() to support S_IFDOOR.
+		* Fix strsuftollx() error message and base 10 handling.
+		* Provide explicit_memset() replacement.
+
+	* Update to NetBSD-ftpd as at 20190129:
+		* Fix violations of the sequence point rule.
+		* Add volatile for gcc 5.
+		* Check that stat and fstat succeed.
+		* Support blacklistd(8) hooks.
+		* Clear utmpx struct before writing it to wtmpx files.
+		* Fix directory stream leaks.
+		* Use explicit_memset(3) instead of memset(3) to clear password.
+		* Fix scope of variable. PR/50665.
+		* Ensure that closing socket exists. CID 603440.
+		* Add -f option to ftpd to stay in foreground with -D. PR/53221.
+		* Update version to "NetBSD-ftpd 20180428".
+
+	* Remove endorsment clause from some of my licenses.
 
 Mon Mar 25 03:51:20 UTC 2013	lukem