The NetBSD Project

CVS log for pkgsrc/net/samba33/Attic/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / net / samba33

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.11, Tue Feb 5 07:45:42 2013 UTC (9 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, HEAD
Changes since 1.10: +1 -1 lines
FILE REMOVED

Remove samba30 and samba33, as stated by Aleksej Saushev on Jul 7, 2012.

Revision 1.9.2.1 / (download) - annotate - [select for diffs], Wed Apr 11 18:37:38 2012 UTC (10 years, 9 months ago) by spz
Branch: pkgsrc-2012Q1
Changes since 1.9: +4 -1 lines
Diff to previous 1.9 (colored) next main 1.10 (colored)

Pullup ticket #3731 - requested by jdf
net/samba33: security fix

Revisions pulled up:
- net/samba33/Makefile                                          1.21
- net/samba33/distinfo                                          1.10

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   asau
   Date:           Wed Apr 11 10:10:58 UTC 2012

   Modified Files:
           pkgsrc/net/samba33: Makefile distinfo

   Log Message:
   Apply official patch to address CVE-2012-1182 ("root" credential remote code
   execution).


   To generate a diff of this commit:
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/net/samba33/Makefile
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/samba33/distinfo

Revision 1.10 / (download) - annotate - [select for diffs], Wed Apr 11 10:10:58 2012 UTC (10 years, 9 months ago) by asau
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.9: +4 -1 lines
Diff to previous 1.9 (colored)

Apply official patch to address CVE-2012-1182 ("root" credential remote code execution).

Revision 1.9 / (download) - annotate - [select for diffs], Tue Mar 13 13:22:24 2012 UTC (10 years, 10 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base
Branch point for: pkgsrc-2012Q1
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)

Add patch for CVE-2012-0870.

Bump PKGREVISION.

Revision 1.8 / (download) - annotate - [select for diffs], Tue Aug 2 14:06:20 2011 UTC (11 years, 5 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3
Changes since 1.7: +2 -1 lines
Diff to previous 1.7 (colored)

Add workaround for NetBSD 5.99.54 as samba35.

Revision 1.6.4.1 / (download) - annotate - [select for diffs], Wed Jul 27 06:38:29 2011 UTC (11 years, 6 months ago) by sbd
Branch: pkgsrc-2011Q2
Changes since 1.6: +5 -5 lines
Diff to previous 1.6 (colored) next main 1.7 (colored)

Pullup ticket #3479 - requested by taca
net/samba33 security update.

Revisions pulled up:
- net/samba33/Makefile                                          1.15
- net/samba33/distinfo                                          1.7
- net/samba33/patches/patch-af                                  1.2

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Jul 27 00:53:37 UTC 2011

   Modified Files:
   	pkgsrc/net/samba33: Makefile distinfo
   	pkgsrc/net/samba33/patches: patch-af

   Log Message:
   Update samba33 package to 3.3.16; security fix for swat.

                      ==============================
                      Release Notes for Samba 3.3.16
   		           July 26, 2011
                      ==============================

   This is a security release in order to address
   CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
   CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).

   o  CVE-2011-2522:
      The Samba Web Administration Tool (SWAT) in Samba versions
      3.0.x to 3.5.9 are affected by a cross-site request forgery.

   o  CVE-2011-2694:
      The Samba Web Administration Tool (SWAT) in Samba versions
      3.0.x to 3.5.9 are affected by a cross-site scripting
      vulnerability.

   Please note that SWAT must be enabled in order for these
   vulnerabilities to be exploitable. By default, SWAT
   is *not* enabled on a Samba install.

   Changes since 3.3.15
   --------------------

   o   Kai Blin <kai@samba.org>
       * BUG 8289: SWAT contains a cross-site scripting vulnerability.
       * BUG 8290: CSRF vulnerability in SWAT.

Revision 1.7 / (download) - annotate - [select for diffs], Wed Jul 27 00:53:37 2011 UTC (11 years, 6 months ago) by taca
Branch: MAIN
Changes since 1.6: +5 -5 lines
Diff to previous 1.6 (colored)

Update samba33 package to 3.3.16; security fix for swat.


                   ==============================
                   Release Notes for Samba 3.3.16
		           July 26, 2011
                   ==============================


This is a security release in order to address
CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).


o  CVE-2011-2522:
   The Samba Web Administration Tool (SWAT) in Samba versions
   3.0.x to 3.5.9 are affected by a cross-site request forgery.


o  CVE-2011-2694:
   The Samba Web Administration Tool (SWAT) in Samba versions
   3.0.x to 3.5.9 are affected by a cross-site scripting
   vulnerability.

Please note that SWAT must be enabled in order for these
vulnerabilities to be exploitable. By default, SWAT
is *not* enabled on a Samba install.


Changes since 3.3.15
--------------------


o   Kai Blin <kai@samba.org>
    * BUG 8289: SWAT contains a cross-site scripting vulnerability.
    * BUG 8290: CSRF vulnerability in SWAT.

Revision 1.5.4.1 / (download) - annotate - [select for diffs], Tue Mar 1 09:09:03 2011 UTC (11 years, 11 months ago) by sbd
Branch: pkgsrc-2010Q4
Changes since 1.5: +4 -4 lines
Diff to previous 1.5 (colored) next main 1.6 (colored)

Pullup ticket #3367 - requested by taca
net/samba33 security fix.

Revisions pulled up:
- net/samba33/Makefile                                          1.13
- net/samba33/distinfo                                          1.6
---
Module Name:	pkgsrc
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 28 14:34:09 UTC 2011

Modified Files:
	pkgsrc/net/samba33: Makefile distinfo

Log Message:
Update samba33 pacakge to 3.3.15.

Release Announcements
=====================

Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.

o  CVE-2011-0719:
   All current released versions of Samba are vulnerable to
   a denial of service caused by memory corruption. Range
   checks on file descriptors being used in the FD_SET macro
   were not present allowing stack corruption. This can cause
   the Samba code to crash or to loop attempting to select
   on a bad file descriptor set.

   A connection to a file share, or a local account is needed
   to exploit this problem, either authenticated or unauthenticated
   (guest connection).

   Currently we do not believe this flaw is exploitable
   beyond a crash or causing the code to loop, but on the
   advice of our security reviewers we are releasing fixes
   in case an exploit is discovered at a later date.

Changes
-------

o   Jeremy Allison <jra at samba.org>
    * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.

Revision 1.6 / (download) - annotate - [select for diffs], Mon Feb 28 14:34:09 2011 UTC (11 years, 11 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2011Q2-base, pkgsrc-2011Q1-base, pkgsrc-2011Q1
Branch point for: pkgsrc-2011Q2
Changes since 1.5: +4 -4 lines
Diff to previous 1.5 (colored)

Update samba33 pacakge to 3.3.15.


Release Announcements
=====================

Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.


o  CVE-2011-0719:
   All current released versions of Samba are vulnerable to
   a denial of service caused by memory corruption. Range
   checks on file descriptors being used in the FD_SET macro
   were not present allowing stack corruption. This can cause
   the Samba code to crash or to loop attempting to select
   on a bad file descriptor set.

   A connection to a file share, or a local account is needed
   to exploit this problem, either authenticated or unauthenticated
   (guest connection).

   Currently we do not believe this flaw is exploitable
   beyond a crash or causing the code to loop, but on the
   advice of our security reviewers we are releasing fixes
   in case an exploit is discovered at a later date.


Changes
-------


o   Jeremy Allison <jra at samba.org>
    * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.

Revision 1.4.2.1 / (download) - annotate - [select for diffs], Wed Sep 15 07:53:49 2010 UTC (12 years, 4 months ago) by tron
Branch: pkgsrc-2010Q2
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (colored) next main 1.5 (colored)

Pullup ticket #3223 - requested by taca
net/samba33: security update

Revisions pulled up:
- net/samba33/Makefile		1.11
- net/samba33/distinfo		1.5
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Tue Sep 14 13:08:23 UTC 2010

Modified Files:
	pkgsrc/net/samba33: Makefile distinfo

Log Message:
Update samba33 package to 3.3.14.

                   ==============================
                   Release Notes for Samba 3.3.14
		         September 14, 2010
                   ==============================

This is a security release in order to address CVE-2010-3069.

o  CVE-2010-3069:
   All current released versions of Samba are vulnerable to
   a buffer overrun vulnerability. The sid_parse() function
   (and related dom_sid_parse() function in the source4 code)
   do not correctly check their input lengths when reading a
   binary representation of a Windows SID (Security ID). This
   allows a malicious client to send a sid that can overflow
   the stack variable that is being used to store the SID in the
   Samba smbd server.

Revision 1.5 / (download) - annotate - [select for diffs], Tue Sep 14 13:08:23 2010 UTC (12 years, 4 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2010Q4-base, pkgsrc-2010Q3-base, pkgsrc-2010Q3
Branch point for: pkgsrc-2010Q4
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (colored)

Update samba33 package to 3.3.14.


                   ==============================
                   Release Notes for Samba 3.3.14
		         September 14, 2010
                   ==============================


This is a security release in order to address CVE-2010-3069.


o  CVE-2010-3069:
   All current released versions of Samba are vulnerable to
   a buffer overrun vulnerability. The sid_parse() function
   (and related dom_sid_parse() function in the source4 code)
   do not correctly check their input lengths when reading a
   binary representation of a Windows SID (Security ID). This
   allows a malicious client to send a sid that can overflow
   the stack variable that is being used to store the SID in the
   Samba smbd server.

Revision 1.3.2.1 / (download) - annotate - [select for diffs], Wed Jun 16 21:27:32 2010 UTC (12 years, 7 months ago) by tron
Branch: pkgsrc-2010Q1
Changes since 1.3: +4 -4 lines
Diff to previous 1.3 (colored) next main 1.4 (colored)

Pullup ticket #3148 - requested by taca
net/samba33: security update

Revisions pulled up:
- net/samba33/Makefile			1.10
- net/samba33/distinfo			1.4
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Wed Jun 16 14:34:35 UTC 2010

Modified Files:
	pkgsrc/net/samba33: Makefile distinfo

Log Message:
Update samba33 package to 3.3.13.

Changes since 3.3.12
--------------------

o   Jeremy Allison <jra@samba.org>
    * BUG 7494: Fix for CVE-2010-2063.

Revision 1.4 / (download) - annotate - [select for diffs], Wed Jun 16 14:34:35 2010 UTC (12 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base
Branch point for: pkgsrc-2010Q2
Changes since 1.3: +4 -4 lines
Diff to previous 1.3 (colored)

Update samba33 package to 3.3.13.


Changes since 3.3.12
--------------------

o   Jeremy Allison <jra@samba.org>
    * BUG 7494: Fix for CVE-2010-2063.

Revision 1.3 / (download) - annotate - [select for diffs], Tue Mar 9 01:31:34 2010 UTC (12 years, 10 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2010Q1-base
Branch point for: pkgsrc-2010Q1
Changes since 1.2: +4 -4 lines
Diff to previous 1.2 (colored)

Update samba33 package to 3.3.12.

o  CVE-2010-0728:
   In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code
   was added to fix a problem with Linux asynchronous IO handling.
   This code introduced a bad security flaw on Linux platforms if the
   binaries were built on Linux platforms with libcap support.
   The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE
   capabilities, allowing all file system access to be allowed
   even when permissions should have denied access.

Revision 1.2 / (download) - annotate - [select for diffs], Tue Mar 2 14:56:22 2010 UTC (12 years, 11 months ago) by taca
Branch: MAIN
Changes since 1.1: +6 -6 lines
Diff to previous 1.1 (colored)

Update samba33 pacakge to 3.3.11.


Changes since 3.3.10
--------------------


o   Jeremy Allison <jra@samba.org>
    * BUG 6557: Fix vfs_full_audit.
    * BUG 7036: Fix 'net rpc getsid' in hardened Windows environments.
    * BUG 7045: Fix bad (non memory copying) interfaces in smbc_setXXXX calls.
    * BUG 7067: Fix failing of smbd to respond to a read or a write caused by
      Linux asynchronous IO (aio).
    * BUG 7072: Fix unlocking of accounts from ldap.
    * BUG 7104: "wide links" and "unix extensions" are incompatible.
    * BUG 7122: Fix reading of large browselist.
    * BUG 7154: "mangling method = hash" can crash storing a name containing
      a '.'.
    * BUG 7155: Valgrind Conditional jump or move depends on uninitialised
      value(s) error when "mangling method = hash".


o   Gunther Deschner <gd@samba.org>
    * BUG 7043: Fix crash bug in "SMBC_parse_path".


o   Volker Lendecke <vl@samba.org>
    * BUG 5626: Fix build on AIX.
    * BUG 5885: Fix bogus ip address in SWAT.
    * BUG 7046: Fix a crash in libsmbclient used against the OpenSolaris CIFS
      server.


o   Stefan Metzmacher <metze@samba.org>
    * BUG 7098: Fix results of 'smbclient -L' with a large browse list.
    * BUG 7170: Fix handling of external domains in setups with one way trusts.


o   William Jojo <w.jojo@hvcc.edu>
    * BUG 7052: Fix DFS on AIX (maybe others).


o   Bo Yang <boyang@samba.org>
    * BUG 7106: Fix malformed require_membership_of_sid.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Tue Feb 16 16:24:15 2010 UTC (12 years, 11 months ago) by taca
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Importing Samba 3.3.10 as net/samba33.
This isn't latest release, but diffrence from current package is minimal
supported release.

Since changes are too huge to write here, please refer each release notes:

	http://www.samba.org/samba/history/

And this pacakge already contain fix for CVE-2009-3297.



Revision 1.1 / (download) - annotate - [select for diffs], Tue Feb 16 16:24:15 2010 UTC (12 years, 11 months ago) by taca
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>