diff options
| author | taca <taca@pkgsrc.org> | 2009-10-04 16:58:38 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2009-10-04 16:58:38 +0000 |
| commit | 869af6a3d74dbc4cae9b612c60bbe197fe3881b2 (patch) | |
| tree | 986afaa99b144acd19b3850ede9f4f310e381a57 /licenses/fs-kit-license | |
| parent | 0593510e0cd92b817d08b22f290acf8b738b0afb (diff) | |
| download | pkgsrc-869af6a3d74dbc4cae9b612c60bbe197fe3881b2.tar.gz | |
Update samba package to 3.0.37.
This is a security release in order to address CVE-2009-2813, CVE-2009-2948
and CVE-2009-2906.
Please note that Samba 3.0 is not maintained any longer. This security
release is shipped on a voluntary basis.
o CVE-2009-2813:
In all versions of Samba later than 3.0.11, connecting to the home
share of a user will use the root of the filesystem
as the home directory if this user is misconfigured to have
an empty home directory in /etc/passwd.
o CVE-2009-2948:
If mount.cifs is installed as a setuid program, a user can pass it a
credential or password path to which he or she does not have access and
then use the --verbose option to view the first line of that file.
o CVE-2009-2906:
Specially crafted SMB requests on authenticated SMB connections can
send smbd into a 100% CPU loop, causing a DoS on the Samba server.
Diffstat (limited to 'licenses/fs-kit-license')
0 files changed, 0 insertions, 0 deletions