pkgsrc-Changes archive


CVS commit: pkgsrc/net/samba



Module Name:    pkgsrc
Committed By:   taca
Date:           Sun Oct  4 16:58:38 UTC 2009

Modified Files:
        pkgsrc/net/samba: Makefile distinfo
        pkgsrc/net/samba/patches: patch-aa patch-at patch-au patch-bg patch-bo
            patch-bp patch-bu patch-bw
Added Files:
        pkgsrc/net/samba/patches: patch-ci

Log Message:
Update samba package to 3.0.37.

This is a security release in order to address CVE-2009-2813, CVE-2009-2948
and CVE-2009-2906.
Please note that Samba 3.0 is not maintained any longer. This security
release is shipped on a voluntary basis.

   o CVE-2009-2813:
     In all versions of Samba later than 3.0.11, connecting to the home
     share of a user will use the root of the filesystem
     as the home directory if this user is misconfigured to have
     an empty home directory in /etc/passwd.

   o CVE-2009-2948:
     If mount.cifs is installed as a setuid program, a user can pass it a
     credential or password path to which he or she does not have access and
     then use the --verbose option to view the first line of that file.

   o CVE-2009-2906:
     Specially crafted SMB requests on authenticated SMB connections can
     send smbd into a 100% CPU loop, causing a DoS on the Samba server.


To generate a diff of this commit:
cvs rdiff -u -r1.195 -r1.196 pkgsrc/net/samba/Makefile
cvs rdiff -u -r1.71 -r1.72 pkgsrc/net/samba/distinfo
cvs rdiff -u -r1.32 -r1.33 pkgsrc/net/samba/patches/patch-aa
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/samba/patches/patch-at
cvs rdiff -u -r1.10 -r1.11 pkgsrc/net/samba/patches/patch-au
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/samba/patches/patch-bg
cvs rdiff -u -r1.5 -r1.6 pkgsrc/net/samba/patches/patch-bo \
    pkgsrc/net/samba/patches/patch-bw
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/samba/patches/patch-bp
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/samba/patches/patch-bu
cvs rdiff -u -r0 -r1.1 pkgsrc/net/samba/patches/patch-ci

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
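
A local audit for the two misconfigurations that CVE-2009-2813 and CVE-2009-2948 depend on, as described in the log message above. This is an added example, not part of the commit or of Samba; the function names `empty_home_users`, `is_setuid` and `sample_passwd` are hypothetical, and the passwd data is constructed.

```shell
#!/bin/sh
# Added example: checks for the local preconditions named in the log message.

# CVE-2009-2813 precondition: print every account in a passwd-format file
# whose home directory field (6th) is empty or only whitespace.
# Comments, blank lines and NIS compat entries (+/-) are skipped;
# lines with fewer than 7 fields are reported on stderr.
empty_home_users() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }
        $1 ~ /^[+-]/   { next }
        NF < 7         { print "malformed line " NR | "cat 1>&2"; next }
        $6 ~ /^[ \t]*$/ { print $1 }
    ' "$1"
}

# CVE-2009-2948 precondition: succeed if the given path is a regular file
# with the setuid bit set. The location of mount.cifs differs per system,
# so the caller supplies the path.
is_setuid() {
    [ -f "$1" ] && [ -u "$1" ]
}

# Constructed sample input (not taken from a real system).
sample_passwd() {
    cat <<'EOF'
# constructed sample
root:*:0:0:root:/root:/bin/sh
alice:*:1000:100:Alice:/home/alice:/bin/sh
bob:*:1001:100:Bob::/bin/sh
carol:*:1002:100:Carol: :/bin/sh
+::::::
broken:line
EOF
}

tmp=$(mktemp) && sample_passwd > "$tmp"
empty_home_users "$tmp"    # prints bob and carol
rm -f "$tmp"
```

On a real host, pass the system passwd file to `empty_home_users` and the installed mount.cifs path to `is_setuid`.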


