Subject: CVS commit: [netbsd-1-6-1] pkgsrc/net/samba/patches
To: None <pkgsrc-changes@netbsd.org>
From: James Chacon <jmc@netbsd.org>
List: pkgsrc-changes
Date: 03/23/2003 03:24:13
Module Name:	pkgsrc
Committed By:	jmc
Date:		Sun Mar 23 01:24:13 UTC 2003

Modified Files:
	pkgsrc/net/samba/patches [netbsd-1-6-1]: patch-ad

Log Message:
Pullup rev 1.12 (requested by bouyer in ticket #1220)
        Updated samba to 2.2.8

        ****************************************
        * IMPORTANT: Security bugfix for Samba *
        ****************************************

        The SuSE security audit team, in particular Sebastian Krahmer
        <krahmer@suse.de>, has found a flaw in the Samba main smbd code which
        could allow an external attacker to remotely and anonymously gain
        Super User (root) privileges on a server running a Samba server.

        This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
        inclusive.  This is a serious problem and all sites should either
        upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
        and 445. Advice created by Andrew Tridgell, the leader of the Samba
        Team, on how to protect an unpatched Samba server is given at the end
        of this section.

        The SMB/CIFS protocol implemented by Samba is vulnerable to many
        attacks, even without specific security holes.  The TCP ports 139 and
        the new port 445 (used by Win2k and the Samba 3.0 alpha code in
        particular) should never be exposed to untrusted networks.


To generate a diff of this commit:
cvs rdiff -r1.11 -r1.11.2.1 pkgsrc/net/samba/patches/patch-ad

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.