CVS commit: pkgsrc/net/samba33

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/net/samba33
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Mon, 28 Feb 2011 14:34:09 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Mon Feb 28 14:34:09 UTC 2011

Modified Files:
        pkgsrc/net/samba33: Makefile distinfo

Log Message:
Update samba33 pacakge to 3.3.15.

Release Announcements
=====================

Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.

o  CVE-2011-0719:
   All current released versions of Samba are vulnerable to
   a denial of service caused by memory corruption. Range
   checks on file descriptors being used in the FD_SET macro
   were not present allowing stack corruption. This can cause
   the Samba code to crash or to loop attempting to select
   on a bad file descriptor set.

   A connection to a file share, or a local account is needed
   to exploit this problem, either authenticated or unauthenticated
   (guest connection).

   Currently we do not believe this flaw is exploitable
   beyond a crash or causing the code to loop, but on the
   advice of our security reviewers we are releasing fixes
   in case an exploit is discovered at a later date.

Changes
-------

o   Jeremy Allison <jra at samba.org>
    * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/samba33/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/net/samba33/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/net/samba35
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/net/samba35
Indexes:

Home | Main Index | Thread Index | Old Index