Mailing List Info
Slackware Logo

News

Security Advisories

FAQ

Book

General Info

Get Slack

Install Help

Configuration

Packages

ChangeLogs

Propaganda

Ports

Other Sites

Support

Contact

Mailing Lists
  Archives

About

 
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] (FALSE ALARM ON) ncftp (SSA:2005-135-02)
Date: Mon, 16 May 2005 10:24:50 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  (FALSE ALARM ON) ncftp (SSA:2005-135-02)

Hey folks,

An advisory recently went out on NcFTP, but it appears that the issue
in question was fixed long ago in version 3.1.5, released on 2002-10-13.

I received an email at security@slackware.com from a well-meaning user
informing me that 3.1.9 had a security issue that was going unpatched:

> I just noticed that there is a new security update (version 3.1.9) for
> NcFTP client available, but the current Slacware Package Browser lists
> version ncftp-3.1.8-i486-1.

I then went to www.ncftp.com to verify this, and managed to misread the
site, thinking that an old security advisory pertained to 3.1.9.  I
imagine that's the same thing that happened to the person who wrote to
me.

Anyway, just to let you all know that if you already have 3.1.5 or newer
that there aren't any security issues affecting you that I'd consider
worth an advisory.  My apologies if this has been an inconvenience to
any Slackware users, or if the fine people at NcFTP or other
distributions have had to answer any questions about this.  I'll try to
read more carefully next time.  :-)

Take care,

Pat <volkerdi@slackware.com>


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFCiNbyakRjwEAQIjMRAh8pAJ0YgKC9hyxO/zQor8dhe482nfNJuwCfeqVQ
zKosCztZaKCCKz6NmBkLaLA=
=gYTt
-----END PGP SIGNATURE-----

Slackware® is a registered trademark of Slackware Linux, Inc. All logos and graphics are copyrighted.