ID SSA-2005-135-02A
Type slackware
Reporter Slackware Linux Project
Modified 2005-05-16T10:24:50


Hey folks,

An advisory recently went out on NcFTP, but it appears that the issue in question was fixed long ago in version 3.1.5, released on 2002-10-13.

I received an email at security@slackware.com from a well-meaning user informing me that 3.1.9 had a security issue that was going unpatched:

> I just noticed that there is a new security update (version 3.1.9) for > NcFTP client available, but the current Slacware Package Browser lists > version ncftp-3.1.8-i486-1.

I then went to www.ncftp.com to verify this, and managed to misread the site, thinking that an old security advisory pertained to 3.1.9. I imagine that's the same thing that happened to the person who wrote to me.

Anyway, just to let you all know that if you already have 3.1.5 or newer that there aren't any security issues affecting you that I'd consider worth an advisory. My apologies if this has been an inconvenience to any Slackware users, or if the fine people at NcFTP or other distributions have had to answer any questions about this. I'll try to read more carefully next time. :-)

Take care,

Pat <volkerdi@slackware.com>