[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/samba33
Module Name: pkgsrc
Committed By: taca
Date: Tue Sep 14 13:08:23 UTC 2010
pkgsrc/net/samba33: Makefile distinfo
Update samba33 package to 3.3.14.
Release Notes for Samba 3.3.14
September 14, 2010
This is a security release in order to address CVE-2010-3069.
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/net/samba33/Makefile
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/samba33/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Main Index |
Thread Index |