pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/samba
Module Name: pkgsrc
Committed By: taca
Date: Sun Oct 4 16:58:38 UTC 2009
Modified Files:
pkgsrc/net/samba: Makefile distinfo
pkgsrc/net/samba/patches: patch-aa patch-at patch-au patch-bg patch-bo
patch-bp patch-bu patch-bw
Added Files:
pkgsrc/net/samba/patches: patch-ci
Log Message:
Update samba package to 3.0.37.
This is a security release in order to address CVE-2009-2813, CVE-2009-2948
and CVE-2009-2906.
Please note that Samba 3.0 is not maintained any longer. This security
release is shipped on a voluntary basis.
o CVE-2009-2813:
In all versions of Samba later than 3.0.11, connecting to the home
share of a user will use the root of the filesystem
as the home directory if this user is misconfigured to have
an empty home directory in /etc/passwd.
o CVE-2009-2948:
If mount.cifs is installed as a setuid program, a user can pass it a
credential or password path to which he or she does not have access and
then use the --verbose option to view the first line of that file.
o CVE-2009-2906:
Specially crafted SMB requests on authenticated SMB connections can
send smbd into a 100% CPU loop, causing a DoS on the Samba server.
To generate a diff of this commit:
cvs rdiff -u -r1.195 -r1.196 pkgsrc/net/samba/Makefile
cvs rdiff -u -r1.71 -r1.72 pkgsrc/net/samba/distinfo
cvs rdiff -u -r1.32 -r1.33 pkgsrc/net/samba/patches/patch-aa
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/samba/patches/patch-at
cvs rdiff -u -r1.10 -r1.11 pkgsrc/net/samba/patches/patch-au
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/samba/patches/patch-bg
cvs rdiff -u -r1.5 -r1.6 pkgsrc/net/samba/patches/patch-bo \
pkgsrc/net/samba/patches/patch-bw
cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/samba/patches/patch-bp
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/samba/patches/patch-bu
cvs rdiff -u -r0 -r1.1 pkgsrc/net/samba/patches/patch-ci
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index