diff options
author | taca <taca> | 2003-04-07 18:10:07 +0000 |
---|---|---|
committer | taca <taca> | 2003-04-07 18:10:07 +0000 |
commit | adaabdccbb564e913fc2b979f66eb12e6dcf93dc (patch) | |
tree | 4d1169e0506c080b630d6e58b603b431b8587342 /net/ja-samba | |
parent | 39aa04b999076d77a985accee1209c0c264a7bee (diff) | |
download | pkgsrc-adaabdccbb564e913fc2b979f66eb12e6dcf93dc.tar.gz |
Update ja-samba package to 2.2.7.1.1.1nb1.
Manually merge changes between samba 2.2.7a and samba 2.2.7b,
addressing both CAN-2003-0201 and CAN-2003-0085 by The Common
Vulnerabilities and Exposures (CVE) project.
Diffstat (limited to 'net/ja-samba')
-rw-r--r-- | net/ja-samba/MESSAGE.security | 6 | ||||
-rw-r--r-- | net/ja-samba/MESSAGE.smbpasswd | 10 | ||||
-rw-r--r-- | net/ja-samba/Makefile | 3 | ||||
-rw-r--r-- | net/ja-samba/distinfo | 6 | ||||
-rw-r--r-- | net/ja-samba/patches/patch-ar | 40 | ||||
-rw-r--r-- | net/ja-samba/patches/patch-as | 13 | ||||
-rw-r--r-- | net/ja-samba/patches/patch-at | 24 | ||||
-rw-r--r-- | net/ja-samba/patches/patch-au | 13 |
8 files changed, 105 insertions, 10 deletions
diff --git a/net/ja-samba/MESSAGE.security b/net/ja-samba/MESSAGE.security index 21b2ab974ea..ec5b1e4bc4d 100644 --- a/net/ja-samba/MESSAGE.security +++ b/net/ja-samba/MESSAGE.security @@ -1,9 +1,9 @@ =========================================================================== -$NetBSD: MESSAGE.security,v 1.1 2003/03/29 08:18:44 taca Exp $ +$NetBSD: MESSAGE.security,v 1.2 2003/04/07 18:10:07 taca Exp $ *===* ADDITIONAL SECURITY NOTES *===* -ja-samba-2.2.7.1.1.1 already contains fixes for two security problems -which are solved by samba 2.2.8. +${PKGNAME} already contains fixes for two security problems +which are solved by samba 2.2.8 and samba 2.2.8a. =========================================================================== diff --git a/net/ja-samba/MESSAGE.smbpasswd b/net/ja-samba/MESSAGE.smbpasswd index 4b38ef62d53..c0a29caf606 100644 --- a/net/ja-samba/MESSAGE.smbpasswd +++ b/net/ja-samba/MESSAGE.smbpasswd @@ -1,5 +1,5 @@ =========================================================================== -$NetBSD: MESSAGE.smbpasswd,v 1.1.1.1 2002/06/25 15:31:34 taca Exp $ +$NetBSD: MESSAGE.smbpasswd,v 1.2 2003/04/07 18:10:07 taca Exp $ *===* SECURITY NOTES *===* @@ -12,8 +12,8 @@ These encrypted passwords are _PASSWORD_EQUIVALENT_ from the viewpoint of the SMB protocol. Do _NOT_ weaken the permissions of this file unless there is a very good reason. -Please note that even if you pkg_delete ${PKGNAME}, the smbpasswd file -will remain on the system. If you don't intend to use this package -anymore, then it is _STRONGLY_ recommended that you remove the smbpasswd -file manually. +Please note that even if you pkg_delete ${PKGNAME}, +the smbpasswd file will remain on the system. If you don't intend to use +this package anymore, then it is _STRONGLY_ recommended that you remove +the smbpasswd file manually. =========================================================================== diff --git a/net/ja-samba/Makefile b/net/ja-samba/Makefile index e72fd1cf38a..f47f642e64c 100644 --- a/net/ja-samba/Makefile +++ b/net/ja-samba/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.10 2003/03/29 08:18:45 taca Exp $ +# $NetBSD: Makefile,v 1.11 2003/04/07 18:10:07 taca Exp $ .include "Makefile.common" PKGNAME= ja-samba-${SAMBA_BASE_VERS:S/a/.1/}.${SAMBA_JA_VERS} +PKGREVISION= 1 CATEGORIES= net MAINTAINER= tech-pkg-ja@jp.netbsd.org diff --git a/net/ja-samba/distinfo b/net/ja-samba/distinfo index 2a195955ab3..798cb8a188b 100644 --- a/net/ja-samba/distinfo +++ b/net/ja-samba/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.6 2003/03/31 16:33:22 taca Exp $ +$NetBSD: distinfo,v 1.7 2003/04/07 18:10:07 taca Exp $ SHA1 (samba-2.2.7a-ja-1.1.tar.bz2) = 7555ad9055a5c2e19f7506138713ade174d26816 Size (samba-2.2.7a-ja-1.1.tar.bz2) = 7307743 bytes @@ -14,3 +14,7 @@ SHA1 (patch-an) = 55c7f9785c19d84b8ad74bbf0827162b156e2327 SHA1 (patch-ao) = cc0b3d73d0c7de4cd46e66b0d66b2c3bbaddeb41 SHA1 (patch-ap) = 199e2f8e5f2a5ac5aace21e6ada1fd8887a19059 SHA1 (patch-aq) = e5b442fb7eb837bb2771ac71c73e6f95ae6fdfc2 +SHA1 (patch-ar) = 1974317b2be6689df6d0ad06138fa5a28dfaf99f +SHA1 (patch-as) = 3aa4e0d7f254d2302940b4b6540b4e1b96582b2b +SHA1 (patch-at) = 1b4215e00c243eb21d009ef13896371eecacf5c3 +SHA1 (patch-au) = ad02a1175a5aeb2e6a8f65b280df0e550d557970 diff --git a/net/ja-samba/patches/patch-ar b/net/ja-samba/patches/patch-ar new file mode 100644 index 00000000000..98c7939405b --- /dev/null +++ b/net/ja-samba/patches/patch-ar @@ -0,0 +1,40 @@ +$NetBSD: patch-ar,v 1.1 2003/04/07 18:10:08 taca Exp $ + +--- smbd/ipc.c.orig 2003-03-17 13:17:56.000000000 +0900 ++++ smbd/ipc.c +@@ -398,7 +398,7 @@ int reply_trans(connection_struct *conn, + + if (tdscnt) { + if((data = (char *)malloc(tdscnt)) == NULL) { +- DEBUG(0,("reply_trans: data malloc fail for %d bytes !\n", tdscnt)); ++ DEBUG(0,("reply_trans: data malloc fail for %u bytes !\n", tdscnt)); + END_PROFILE(SMBtrans); + return(ERROR_DOS(ERRDOS,ERRnomem)); + } +@@ -412,7 +412,7 @@ int reply_trans(connection_struct *conn, + + if (tpscnt) { + if((params = (char *)malloc(tpscnt)) == NULL) { +- DEBUG(0,("reply_trans: param malloc fail for %d bytes !\n", tpscnt)); ++ DEBUG(0,("reply_trans: param malloc fail for %u bytes !\n", tpscnt)); + SAFE_FREE(data); + END_PROFILE(SMBtrans); + return(ERROR_DOS(ERRDOS,ERRnomem)); +@@ -428,7 +428,7 @@ int reply_trans(connection_struct *conn, + if (suwcnt) { + int i; + if((setup = (uint16 *)malloc(suwcnt*sizeof(uint16))) == NULL) { +- DEBUG(0,("reply_trans: setup malloc fail for %d bytes !\n", (int)(suwcnt * sizeof(uint16)))); ++ DEBUG(0,("reply_trans: setup malloc fail for %u bytes !\n", (unsigned int)(suwcnt * sizeof(uint16)))); + SAFE_FREE(data); + SAFE_FREE(params); + END_PROFILE(SMBtrans); +@@ -524,7 +524,7 @@ int reply_trans(connection_struct *conn, + } + + +- DEBUG(3,("trans <%s> data=%d params=%d setup=%d\n", ++ DEBUG(3,("trans <%s> data=%u params=%u setup=%u\n", + name,tdscnt,tpscnt,suwcnt)); + + /* diff --git a/net/ja-samba/patches/patch-as b/net/ja-samba/patches/patch-as new file mode 100644 index 00000000000..5c013e8c37c --- /dev/null +++ b/net/ja-samba/patches/patch-as @@ -0,0 +1,13 @@ +$NetBSD: patch-as,v 1.1 2003/04/07 18:10:08 taca Exp $ + +--- smbd/password.c.orig 2002-11-21 22:05:51.000000000 +0900 ++++ smbd/password.c +@@ -816,7 +816,7 @@ and given password ok\n", user)); + if (!ok && lp_username(snum)) { + char *auser; + pstring user_list; +- StrnCpy(user_list,lp_username(snum),sizeof(pstring)); ++ StrnCpy(user_list,lp_username(snum),sizeof(pstring)-1); + + pstring_sub(user_list,"%S",lp_servicename(snum), True); + diff --git a/net/ja-samba/patches/patch-at b/net/ja-samba/patches/patch-at new file mode 100644 index 00000000000..8d1c65444aa --- /dev/null +++ b/net/ja-samba/patches/patch-at @@ -0,0 +1,24 @@ +$NetBSD: patch-at,v 1.1 2003/04/07 18:10:08 taca Exp $ + +--- smbd/reply.c.orig 2003-02-05 15:15:15.000000000 +0900 ++++ smbd/reply.c +@@ -1490,6 +1490,9 @@ int reply_search(connection_struct *conn + + for (i=numentries;(i<maxentries) && !finished;i++) + { ++ /* check to make sure we have room in the buffer */ ++ if ( ((PTR_DIFF(p, outbuf))+DIR_STRUCT_SIZE) > BUFFER_SIZE ) ++ break; + finished = + !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend); + if (!finished) +@@ -3603,6 +3606,9 @@ int reply_printqueue(connection_struct * + + + for (i=first;i<first+num_to_get;i++) { ++ /* check to make sure we have room in the buffer */ ++ if ( (PTR_DIFF(p, outbuf)+28) > BUFFER_SIZE ) ++ break; + put_dos_date2(p,0,queue[i].time); + SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3)); + SSVAL(p,5, queue[i].job); diff --git a/net/ja-samba/patches/patch-au b/net/ja-samba/patches/patch-au new file mode 100644 index 00000000000..af9799bc677 --- /dev/null +++ b/net/ja-samba/patches/patch-au @@ -0,0 +1,13 @@ +$NetBSD: patch-au,v 1.1 2003/04/07 18:10:08 taca Exp $ + +--- smbd/statcache.c.orig 2001-11-09 18:27:43.000000000 +0900 ++++ smbd/statcache.c +@@ -88,7 +88,7 @@ void stat_cache_add( char *full_orig_nam + * StrnCpy always null terminates. + */ + +- StrnCpy(orig_name, full_orig_name, namelen); ++ StrnCpy(orig_name, full_orig_name, MIN(namelen, sizeof(orig_name)-1)); + if(!case_sensitive) + strupper( orig_name ); + |