Up to [cvs.NetBSD.org] / pkgsrc / net / samba35
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Remove samba35 package. Samba 3.5.x was EOL Oct 2013.
Bump for perl-5.20.0. Do it for all packages that * mention perl, or * have a directory name starting with p5-*, or * depend on a package starting with p5- like last time, for 5.18, where this didn't lead to complaints. Let me know if you have any this time.
Replace log dir in the default sampel config file correctly. Bump PKGREVISION.
simplify with SUBST_VARS.
Recursive PKGREVISION bump for OpenSSL API version bump.
Use GNU_CONFIGURE_LIBDIR for --libdir.
Pullup ticket #4208 - requested by taca net/samba35: security update Revisions pulled up: - net/samba35/Makefile 1.31 - net/samba35/distinfo 1.16 - net/samba35/patches/patch-af 1.6 - net/samba35/patches/patch-ah 1.3 - net/samba35/patches/patch-ap 1.2 - net/samba35/patches/patch-aq 1.4 - net/samba35/patches/patch-av 1.3 - net/samba35/patches/patch-aw 1.2 - net/samba35/patches/patch-ba 1.2 - net/samba35/patches/patch-bb 1.2 --- Module Name: pkgsrc Committed By: taca Date: Mon Aug 12 02:47:32 UTC 2013 Modified Files: pkgsrc/net/samba35: Makefile distinfo pkgsrc/net/samba35/patches: patch-af patch-ah patch-ap patch-aq patch-av patch-aw patch-ba patch-bb Log Message: Update samba35 to 3.5.22, security release. ============================== Release Notes for Samba 3.5.22 August 05, 2013 ============================== This is a security release in order to address CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause server to loop with DOS). o CVE-2013-4124: All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection. A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated if guest connections are allowed. This flaw is not exploitable beyond causing the code to loop allocating memory, which may cause the machine to exceed memory limits. Changes since 3.5.21: --------------------- o Jeremy Allison <jra@samba.org> * BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list reading can cause server to loop with DOS.
Update samba35 to 3.5.22, security release. ============================== Release Notes for Samba 3.5.22 August 05, 2013 ============================== This is a security release in order to address CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause server to loop with DOS). o CVE-2013-4124: All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection. A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated if guest connections are allowed. This flaw is not exploitable beyond causing the code to loop allocating memory, which may cause the machine to exceed memory limits. Changes since 3.5.21: --------------------- o Jeremy Allison <jra@samba.org> * BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list reading can cause server to loop with DOS.
* .include "../../devel/readline/buildlink3.mk" with USE_GNU_READLINE=yes are replaced with .include "../../devel/readline/buildlink3.mk", and USE_GNU_READLINE are removed, * .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE are replaced with .include "../../mk/readline.buildlink3.mk".
Remove GNU_CONFIGURE_LIBDIR. Rationale: undocumented, easily replaced with "CONFIGURE_ARGS+=--libdir=" and only used by 10 packages.
Bump all packages for perl-5.18, that a) refer 'perl' in their Makefile, or b) have a directory name of p5-*, or c) have any dependency on any p5-* package Like last time, where this caused no complaints.
PKGREVISION bumps for the security/openssl 1.0.1d update.
Pullup ticket #4053 - requested by taca net/samba35: security update Revisions pulled up: - net/samba35/Makefile 1.26 - net/samba35/distinfo 1.15 --- Module Name: pkgsrc Committed By: taca Date: Wed Jan 30 11:41:44 UTC 2013 Modified Files: pkgsrc/net/samba35: Makefile distinfo Log Message: Update samba35 to 3.5.21. ============================== Release Notes for Samba 3.5.21 January 30, 2013 ============================== This is a security release in order to address CVE-2013-0213 (Clickjacking issue in SWAT) and CVE-2013-0214 (Potential XSRF in SWAT). o CVE-2013-0213: All current released versions of Samba are vulnerable to clickjacking in the Samba Web Administration Tool (SWAT). When the SWAT pages are integrated into a malicious web page via a frame or iframe and then overlaid by other content, an attacker could trick an administrator to potentially change Samba settings. In order to be vulnerable, SWAT must have been installed and enabled either as a standalone server launched from inetd or xinetd, or as a CGI plugin to Apache. If SWAT has not been installed or enabled (which is the default install state for Samba) this advisory can be ignored. o CVE-2013-0214: All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By guessing a user's password and then tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT. In order to be vulnerable, the attacker needs to know the victim's password. Additionally SWAT must have been installed and enabled either as a standalone server launched from inetd or xinetd, or as a CGI plugin to Apache. If SWAT has not been installed or enabled (which is the default install state for Samba) this advisory can be ignored. Changes since 3.5.20: --------------------- o Kai Blin <kai@samba.org> * BUG 9576: CVE-2013-0213: Fix clickjacking issue in SWAT. * BUG 9577: CVE-2013-0214: Fix potential XSRF in SWAT.
Update samba35 to 3.5.21. ============================== Release Notes for Samba 3.5.21 January 30, 2013 ============================== This is a security release in order to address CVE-2013-0213 (Clickjacking issue in SWAT) and CVE-2013-0214 (Potential XSRF in SWAT). o CVE-2013-0213: All current released versions of Samba are vulnerable to clickjacking in the Samba Web Administration Tool (SWAT). When the SWAT pages are integrated into a malicious web page via a frame or iframe and then overlaid by other content, an attacker could trick an administrator to potentially change Samba settings. In order to be vulnerable, SWAT must have been installed and enabled either as a standalone server launched from inetd or xinetd, or as a CGI plugin to Apache. If SWAT has not been installed or enabled (which is the default install state for Samba) this advisory can be ignored. o CVE-2013-0214: All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By guessing a user's password and then tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT. In order to be vulnerable, the attacker needs to know the victim's password. Additionally SWAT must have been installed and enabled either as a standalone server launched from inetd or xinetd, or as a CGI plugin to Apache. If SWAT has not been installed or enabled (which is the default install state for Samba) this advisory can be ignored. Changes since 3.5.20: --------------------- o Kai Blin <kai@samba.org> * BUG 9576: CVE-2013-0213: Fix clickjacking issue in SWAT. * BUG 9577: CVE-2013-0214: Fix potential XSRF in SWAT.
Updaet samba35 to 3.5.20. * 3.5.20 Changes since 3.5.19: --------------------- o Jeremy Allison <jra@samba.org> * BUG 7781: Samba transforms ShareName to lowercase (sharename) when adding new share via MMC. * BUG 9236: Apply ACL masks correctly when setting ACLs. * BUG 9455: munmap called for an address location not mapped by Samba. o Bj«Órn Baumbach <bb@sernet.de> * BUG 9345: Fix usage of <smbconfoption> tag. o Stefan Metzmacher <metze@samba.org> * BUG 9390: Fix segfaults in log level = 10 on Solaris. * BUG 9402: Fix dns updates against BIND9 (used in a Samba4 domain). * 3.5.19 Changes since 3.5.18: --------------------- o Jeremy Allison <jra@samba.org> * BUG 9016: Connection to outbound trusted domain goes offline. * BUG 9117: smbclient can't connect to a Windows 7 server using NTLMv2. * BUG 9213: Bad ASN.1 NegTokenInit packet can cause invalid free. * BUG 9236: ACL masks incorrectly applied when setting ACLs. o Andrew Bartlett <abartlet@samba.org> * BUG 8788: libsmb: Initialise ticket to ensure we do not free invalid memory. o Bj«Órn Jacke <bj@sernet.de> * BUG 8344: autoconf: Fix --with(out)-sendfile-support option handling. * BUG 8732: Fix compile of krb5 locator on Solaris. * BUG 9172: Add quota support for gfs2. o Matthieu Patou <mat@matws.net> * BUG 9259: lib-addns: Ensure that allocated buffer are pre set to 0. o Andreas Schneider <asn@samba.org> * BUG 9218: Samba panics if a user specifies an invalid port number. * 3.5.18 Changes since 3.5.17: --------------------- o Michael Adam <obnox@samba.org> * BUG 7788: Clarify the idmap_rid manpage. o Jeremy Allison <jra@samba.org> * BUG 9098: Winbind does not refresh Kerberos tickets. * BUG 9147: Winbind can't fetch user or group info from AD via LDAP. * BUG 9150: Valid open requests can cause smbd assert due to incorrect oplock handling on delete requests. o Neil R. Goldberg <ngoldber@mitre.org> * BUG 9100: Winbind doesn't return "Domain Local" groups from own domain. o Hargagan <shargagan@novell.com> * BUG 9085: NMB registration for a duplicate workstation fails with registration refuse. o Bj«Órn Jacke <bj@sernet.de> * BUG 7814: Fix build of sysquote_xfs. * BUG 8402: Winbind log spammed with idmap messages. o Volker Lendecke <vl@samba.org> * BUG 9084: Fix a smbd crash in reply_lockingX_error. o Herb Lewis <hlewis@panasas.com> * BUG 9104: Fix Winbind crashes caused by mis-identified idle clients. o Luca Lorenzetto <lorenzetto-luca@ubuntu-it.org> * BUG 9013: Desktop Managers (xdm, gdm, lightdm...) crash with SIGSEGV in _pam_winbind_change_pwd() when password is expiring. * 3.5.17 Changes since 3.5.16: --------------------- o Jeremy Allison <jra@samba.org> * BUG 9034: Fix typo in set_re_uid() call when USE_SETRESUID selected in configure. o Bj«Órn Jacke <bj@sernet.de> * BUG 8996: Fix build without ads support. * BUG 9011: Second part of a fix for bug #9011 (Build on HP-UX broken). o Stefan Metzmacher <metze@samba.org> * BUG 9022: Make vfs_gpfs less verbose in get/set_xattr functions.
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
Bump all packages that use perl, or depend on a p5-* package, or are called p5-*. I hope that's all of them.
Sync net/samba35 with the below changes as it uses net/samba/options.mk. Bump PKGREVISION --- Module Name: pkgsrc Committed By: sbd Date: Sun Aug 19 07:28:36 UTC 2012 Modified Files: pkgsrc/net/samba: INSTALL.nss_winbind Makefile options.mk Added Files: pkgsrc/net/samba: DEINSTALL.nss_winbind Log Message: NSS winbind option install script fixes: 1) Move the INSTALL_TEMPLATES line to the 'winbind' option section. 2) Enable the install script on all platforms. 3) Use the value of ${NSS_WINBIND} in the script as the name of the library (should work on all platforms). 4) In the install script only create the symlink if ${NSS_WINBIND} doesn't start with '@comment' (i.e. no nss winbind on this platform) and the target file exists and the symlink _doesn't_ already exist. 5) Create a DEINSTALL_TEMPLATES to remove the nss winbind symlink if it exists and point to the correct target. Bump PKGREVISION. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 pkgsrc/net/samba/DEINSTALL.nss_winbind cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/samba/INSTALL.nss_winbind cvs rdiff -u -r1.220 -r1.221 pkgsrc/net/samba/Makefile cvs rdiff -u -r1.29 -r1.30 pkgsrc/net/samba/options.mk
Update to Samba 3.5.16 ============================== Release Notes for Samba 3.5.16 July 2, 2012 ============================== This is the latest stable release of Samba 3.5. Major enhancements in Samba 3.5.16 include: o Fix possible memory leaks in the Samba master process (bug #8970). o Fix uninitialized memory read in talloc_free(). o Fix smbd crash with unknown user (bug #8314). Changes since 3.5.15: --------------------- o Jeremy Allison <jra@samba.org> * BUG 8314: Fix smbd crash with unknown user. * BUG 8831: Fix inconsistent (with manpage) command-line switch for "help" in smbtree. * BUG 8882: Fix processing of %U with vfs_full_audit when "force user" is set. * BUG 8897: winbind_krb5_locator only returns one IP address. * BUG 8910: resolve_ads() code can return zero addresses and miss valid DC IP addresses. * BUG 8957: Fix typo in pam_winbindd code. * BUG 8972: Directory group write permission bit is set if unix extensions are enabled. * BUG 8974: Kernel oplocks are broken when uid(file) != uid(process). * BUG 8989: Send correct responses to NT Transact Secondary when no data and no params. * BUG 8994: Fix "winbind normalize names". o Andrew Bartlett <abartlet@samba.org> * BUG 8599: Only use SamLogonEx when we can get unencrypted session keys. * BUG 8943: Slow but responsive DC can lock up winbindd for > 10 minutes at a time. o Björn Baumbach <bb@sernet.de> * BUG 7564: Fix default name resolve order in the manpage. o John Bradshaw <john@johnbradshaw.org> * BUG 7938: Fix typo (overrided -> overridden) in Samba3-HOWTO. o Olaf Flebbe <o.flebbe@science-computing.de> * BUG 8552: Correct documentation of "case sensitive". o Björn Jacke <bj@sernet.de> * BUG 8869: Remove outdated netscape ds 5 schema file. * BUG 9011: Fix build on HP-UX. o Volker Lendecke <vl@samba.org> * Fix uninitialized memory read in talloc_free(). * BUG 8338: OS/X can not deal with a 10-vwv read on normal files. * BUG 8998: Notify code can miss a ChDir. * BUG 9000: Fix a Winbind race leading to 100% CPU. * BUG 9003: Fix posix acl on gpfs. o Matthieu Patou <mat@matws.net> * BUG 8975: Make sure that Winbind can coredump. o Karolin Seeger <kseeger@samba.org> * BUG 7930: Add hint that setting "profile acls = yes" on normal shares can cause trouble. o Richard Sharpe <realrichardsharpe@gmail.com> * BUG 8822: Fix building out-of-tree vfs modules. * BUG 8970: Fix possible memory leaks in the Samba master process. o Simo Sorce <idra@samba.org> * BUG 8915: Fix pam_winbind build against newer iniparser library.
Pullup ticket #3767 - requested by taca net/samba35: security update Revisions pulled up: - net/samba35/Makefile 1.20 - net/samba35/distinfo 1.12 --- Module Name: pkgsrc Committed By: taca Date: Wed May 2 14:50:19 UTC 2012 Modified Files: pkgsrc/net/samba35: Makefile distinfo Log Message: Update samba35 package to 3.5.15. ============================== Release Notes for Samba 3.5.15 April 30, 2012 ============================== This is a security release in order to address CVE-2012-2111 (Incorrect permission checks when granting/removing privileges can compromise file server security). o CVE-2012-2111: Samba 3.4.x to 3.6.4 are affected by a vulnerability that allows arbitrary users to modify privileges on a file server.
Update samba35 package to 3.5.15. ============================== Release Notes for Samba 3.5.15 April 30, 2012 ============================== This is a security release in order to address CVE-2012-2111 (Incorrect permission checks when granting/removing privileges can compromise file server security). o CVE-2012-2111: Samba 3.4.x to 3.6.4 are affected by a vulnerability that allows arbitrary users to modify privileges on a file server.
Pullup ticket #3729 - requested by jdf net/samba: security update net/samba35: security update Revisions pulled up: - net/samba/Makefile 1.218 - net/samba/distinfo 1.84 - net/samba35/Makefile 1.19 - net/samba35/distinfo 1.11 --- Module Name: pkgsrc Committed By: asau Date: Wed Apr 11 09:36:21 UTC 2012 Modified Files: pkgsrc/net/samba35: Makefile distinfo Log Message: Update to Samba 3.5.14 This is a security release in order to address CVE-2012-1182 ("root" credential remote code execution). o CVE-2012-1182: Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user. Changes since 3.5.13: --------------------- o Stefan Metzmacher <metze%samba.org@localhost> *BUG 8815: PIDL based autogenerated code allows overwriting beyond of allocated array (CVE-2012-1182). --- Module Name: pkgsrc Committed By: asau Date: Wed Apr 11 09:30:09 UTC 2012 Modified Files: pkgsrc/net/samba: Makefile distinfo Log Message: Update to Samba 3.6.4 This is a security release in order to address CVE-2012-1182 ("root" credential remote code execution). o CVE-2012-1182: Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user. Changes since 3.6.3: -------------------- o Stefan Metzmacher <metze%samba.org@localhost> *BUG 8815: PIDL based autogenerated code allows overwriting beyond of allocated array (CVE-2012-1182).
Update to Samba 3.5.14 This is a security release in order to address CVE-2012-1182 ("root" credential remote code execution). o CVE-2012-1182: Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user. Changes since 3.5.13: --------------------- o Stefan Metzmacher <metze@samba.org> *BUG 8815: PIDL based autogenerated code allows overwriting beyond of allocated array (CVE-2012-1182).
Changes 3.5.13: * BUG 8327: Fix config reload to reload shares from registry. * BUG 8139: Ignore SMBecho errors. * BUG 8521: Fix Winbind cache timeout expiry test. * BUG 8561: Fully observe password change settings. * BUG 8631: Fix POSIX ACE x permission mapping to and from a DACL. * BUG 8636: When returning an ACL without SECINFO_DACL requested, we still set SEC_DESC_DACL_PRESENT in the type field. * BUG 8644: Make sure that vfs_acl_xattr and vfs_acl_tdb modules add inheritable entries on a directory with no stored ACL. * BUG 8663: Fix deleting a symlink if the symlink target is outside of the * share. * BUG 8664: Fix renaming a symlink if the symlink target is outside of the share. * BUG 8673: Fix NT ACL issue. * BUG 8679: Make sure that recvfile code path using splice() on Linux does not leave data in the pipe on short write. * BUG 8687: Fix typo in 'net memberships' usage.
nss module install fix-ups . Now that samba-nss-winbind-install and samba-nss-wins-install work again. 1) Switch back to using the the above mentioned targets for installing nss-winbind and nss_wins. (These targets work on all platforms.) 2) Switch back to using ${NSS_WINBIND} and ${NSS_WINS} in the PLIST as these work on all platforms. Bump PKGREVISION
Add missing zlib buildlink. Bump PKGREVISION.
PLIST fix for other OSes other than NetBSD
Convert packages with add --libdir=* to CONFIGURE_ARGS to use GNU_CONFIGURE_LIBDIR or GNU_CONFIGURE_LIBSUBDIR.
Restore build on latest netbsd-5 by making sure utimensat(2) is not used.
Update to Samba 3.5.12 This is the latest stable release of Samba 3.5. Major enhancements in Samba 3.5.12 include: o Fix race condition in Winbind (bug 7844). o The VFS ACL modules are no longer experimental but production-ready. See full release notes at http://www.samba.org/samba/history/samba-3.5.12.html
integrate the patch from the following url: http://www.ogris.de/samba/unix-active-directory.html and install nss_winbind. bump PKGREVISION.
Explicitly depend on gettext-lib; use BROKEN_GETTEXT_DETECTION=yes, because configure does not check for -lintl
Changes 3.5.11: * Fix access to Samba shares when Windows security patch KB2536276 is installed * Fix DoS in Winbind and smbd with many file descriptors open * Fix Winbind panics if verify_idpool() fails
Pullup ticket #3478 - requested by taca net/samba35 security update. Revisions pulled up: - net/samba35/Makefile 1.8 - net/samba35/distinfo 1.5 --- Module Name: pkgsrc Committed By: taca Date: Wed Jul 27 00:52:20 UTC 2011 Modified Files: pkgsrc/net/samba35: Makefile distinfo Log Message: Update samba35 pacakge to 3.5.10; security fix for swat. ============================== Release Notes for Samba 3.5.10 July 26, 2011 ============================== This is a security release in order to address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT). o CVE-2011-2522: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site request forgery. o CVE-2011-2694: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site scripting vulnerability. Please note that SWAT must be enabled in order for these vulnerabilities to be exploitable. By default, SWAT is *not* enabled on a Samba install. Changes since 3.5.9: -------------------- o Kai Blin <kai@samba.org> * BUG 8289: SWAT contains a cross-site scripting vulnerability. * BUG 8290: CSRF vulnerability in SWAT.
Update samba35 pacakge to 3.5.10; security fix for swat. ============================== Release Notes for Samba 3.5.10 July 26, 2011 ============================== This is a security release in order to address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT). o CVE-2011-2522: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site request forgery. o CVE-2011-2694: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site scripting vulnerability. Please note that SWAT must be enabled in order for these vulnerabilities to be exploitable. By default, SWAT is *not* enabled on a Samba install. Changes since 3.5.9: -------------------- o Kai Blin <kai@samba.org> * BUG 8289: SWAT contains a cross-site scripting vulnerability. * BUG 8290: CSRF vulnerability in SWAT.
Major enhancements in Samba 3.5.9 include: * Sgid bit lost on folder rename. * ACL can get lost when files are being renamed. * Respect "allow trusted domains = no" in Winbind.
recursive bump from gettext-lib shlib bump.
Explicitly disable merged build option (samba4). Reflects discussion by PR pkg/44786.
Changes 3.5.8: * Fix Winbind crash bug when no DC is available * Fix finding users on domain members * Fix memory leaks in Winbind * Fix printing with Windows 7 clients
Pullup ticket #3368 - requested by taca net/samba35 security fix. Revisions pulled up: - net/samba35/Makefile 1.2 - net/samba35/distinfo 1.2 --- Module Name: pkgsrc Committed By: taca Date: Mon Feb 28 14:34:56 UTC 2011 Modified Files: pkgsrc/net/samba35: Makefile distinfo Log Message: Update samba35 pacakge to 3.5.7. Release Announcements ===================== Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to address CVE-2011-0719. o CVE-2011-0719: All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated (guest connection). Currently we do not believe this flaw is exploitable beyond a crash or causing the code to loop, but on the advice of our security reviewers we are releasing fixes in case an exploit is discovered at a later date. Changes ------- o Jeremy Allison <jra at samba.org> * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
Pullup ticket 3372 - requested by sbd build fix for Linux Revisions pulled up: - pkgsrc/net/samba35/Makefile 1.3 ----------------------------------------------------------------------------- Module Name: pkgsrc Committed By: sbd Date: Tue Mar 1 11:28:59 UTC 2011 Modified Files: pkgsrc/net/samba35: Makefile Log Message: Add --with-cifsumount to CONFIGURE_ARGS on Linux systems in order to build umount.cifs To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/samba35/Makefile
Add --with-cifsumount to CONFIGURE_ARGS on Linux systems in order to build umount.cifs
Update samba35 pacakge to 3.5.7. Release Announcements ===================== Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to address CVE-2011-0719. o CVE-2011-0719: All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated (guest connection). Currently we do not believe this flaw is exploitable beyond a crash or causing the code to loop, but on the advice of our security reviewers we are releasing fixes in case an exploit is discovered at a later date. Changes ------- o Jeremy Allison <jra at samba.org> * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
Samba provides file and print services for Microsoft Windows clients. These services may be hosted off any TCP/IP-enabled platform. The Samba project includes not only an impressive feature set in file and print serving capabilities, but has been extended to include client functionality, utilities to ease migration to Samba, tools to aid interoperability with Microsoft Windows, and administration tools.
Initial revision