Linux bods thankful, Apple a stone-cold boilerplate
By Darren Pauli, 3 Nov 2014 The maintainer of the tnftp FTP client has patched a remote code execution vulnerability which affected operating systems including NetBSD, FreeBSD and Mac OS X.The flaw (CVE-2014-8517), which did not affect OpenBSD due to modifications, was patched over the weekend.
Maintainer Luke Mewburn notified NetBSD (which ships tnftp) of the patch in a mailing list post after warning subscribers about the hole last week.
Full Article