Re: pkg/43024 (proftpd needs to be updated to 1.3.3 to fix the security issues)

["Michael C. Vergallen" <mvergall%telenet.be@localhost>]

The following reply was made to PR pkg/43024; it has been noted by GNATS.

From: "Michael C. Vergallen" <mvergall%telenet.be@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: pkg/43024 (proftpd needs to be updated to 1.3.3 to fix the security
 issues)
Date: Mon, 22 Mar 2010 01:49:27 +0100

 kim%netbsd.org@localhost wrote:
 > Synopsis: proftpd needs to be updated to 1.3.3 to fix the security issues
 >
 > State-Changed-From-To: open->closed
 > State-Changed-By: kim%NetBSD.org@localhost
 > State-Changed-When: Sun, 21 Mar 2010 21:26:18 +0000
 > State-Changed-Why:
 > I couldn't see any security issues listed for 1.3.2c on www.proftpd.org.
 > However, I have updated the package to 1.3.3 anyway.
 >
 >
 >
 >
 >   
 No the website does not mention that ... just the  
 pkg-vulnerability-list  does mention that and building the package on a 
 system that does not have ALLOW_VULNERABLE_PACKAGES=yes does not work. 
 As here on site this is not allowed I didn't have a choice but to ask 
 for a bump up in version due to the patches that came with pkgsrc-2009Q4 
 it was impossible to modify the package myself. (I tried to rework the 
 patches when they failed but didn't succeed. The Makefile and digest 
 were no problem but the patches on the package kept failing)
 
 Regards.
 
 Michael