diff options
| author | taca <taca@pkgsrc.org> | 2012-03-13 13:22:24 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2012-03-13 13:22:24 +0000 |
| commit | adfa5980a43e874cb663ae448a274200ebe86493 (patch) | |
| tree | 4a617b604462efe66742719b13f593d3d7f551d9 /net/samba30 | |
| parent | 2541bb289f2ccbc58dd4b64b66f84564d71f7ae3 (diff) | |
| download | pkgsrc-adfa5980a43e874cb663ae448a274200ebe86493.tar.gz | |
Add patch for CVE-2012-0870.
Bump PKGREVISION.
Diffstat (limited to 'net/samba30')
| -rw-r--r-- | net/samba30/Makefile | 4 | ||||
| -rw-r--r-- | net/samba30/distinfo | 4 | ||||
| -rw-r--r-- | net/samba30/patches/patch-ee | 23 |
3 files changed, 21 insertions, 10 deletions
diff --git a/net/samba30/Makefile b/net/samba30/Makefile index dda83fd846e..986a010a239 100644 --- a/net/samba30/Makefile +++ b/net/samba30/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.3 2012/02/01 08:14:47 sbd Exp $ +# $NetBSD: Makefile,v 1.4 2012/03/13 13:23:18 taca Exp $ .include "../../net/samba/Makefile.mirrors" DISTNAME= samba-${VERSION} -PKGREVISION= 7 +PKGREVISION= 9 CATEGORIES= net MASTER_SITES= ${SAMBA_MIRRORS:=old-versions/} diff --git a/net/samba30/distinfo b/net/samba30/distinfo index 65660aa9e16..eeae4a68c42 100644 --- a/net/samba30/distinfo +++ b/net/samba30/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.1.1.1 2011/12/15 22:23:24 asau Exp $ +$NetBSD: distinfo,v 1.2 2012/03/13 13:23:18 taca Exp $ SHA1 (samba-3.0.37.tar.gz) = 5ec6bc6558b3c799f747eb49fbba019d5edf0cbd RMD160 (samba-3.0.37.tar.gz) = 06b76ae22729e10c83d6af42d03b03ad69e49103 @@ -39,6 +39,6 @@ SHA1 (patch-cg) = 2755a019759826a39c3e201f6a0d1646e6dd2fba SHA1 (patch-ch) = 3c4c404519154e294cee134ddb4d2b9c7d8e02a2 SHA1 (patch-ci) = d78298d0997cf7877cfe2411355fb6c61dec17f6 SHA1 (patch-da) = 2dddd250b2207d658b02ff43b46199ce4305b7f8 -SHA1 (patch-ee) = d52511dc7d065db7ba1464138c4bc85cfe2f0d59 +SHA1 (patch-ee) = b5bae1f8ebbd02cae70a5d7a8faef8ad5e5896ac SHA1 (patch-lib_replace_test_os2__delete.c) = 27958a98f37fdc03e109c641d768721e4e587f31 SHA1 (patch-libsmb_clikrb5.c) = 0efe8e7b06588a727b8cf459ed6e9dc46d1b8f13 diff --git a/net/samba30/patches/patch-ee b/net/samba30/patches/patch-ee index f242b8d6f29..f6b8f93d554 100644 --- a/net/samba30/patches/patch-ee +++ b/net/samba30/patches/patch-ee @@ -1,24 +1,35 @@ -$NetBSD: patch-ee,v 1.1.1.1 2011/12/15 22:23:24 asau Exp $ +$NetBSD: patch-ee,v 1.2 2012/03/13 13:23:18 taca Exp $ -Patch to fix CVE-2010-2063. +Patch to fix CVE-2010-2063 and CVE-2012-0870. --- smbd/process.c.orig 2009-09-30 12:21:56.000000000 +0000 +++ smbd/process.c -@@ -1159,6 +1159,7 @@ int chain_reply(char *inbuf,char *outbuf +@@ -1159,8 +1159,9 @@ int chain_reply(char *inbuf,char *outbuf { static char *orig_inbuf; static char *orig_outbuf; + static int orig_size; int smb_com1, smb_com2 = CVAL(inbuf,smb_vwv0); - unsigned smb_off2 = SVAL(inbuf,smb_vwv1); +- unsigned smb_off2 = SVAL(inbuf,smb_vwv1); ++ static unsigned smb_off2; char *inbuf2, *outbuf2; -@@ -1178,6 +1179,13 @@ int chain_reply(char *inbuf,char *outbuf + int outsize2; + int new_size; +@@ -1178,6 +1179,21 @@ int chain_reply(char *inbuf,char *outbuf /* this is the first part of the chain */ orig_inbuf = inbuf; orig_outbuf = outbuf; + orig_size = size; ++ smb_off2 = 0; + } + ++ if (SVAL(inbuf,smb_vwv1) <= smb_off2) { ++ DEBUG(1, ("AndX offset not increasing\n")); ++ SCVAL(outbuf, smb_vwv0, 0xFF); ++ return; ++ } ++ smb_off2 = SVAL(inbuf, smb_vwv1); ++ + /* Validate smb_off2 */ + if ((smb_off2 < smb_wct - 4) || orig_size < (smb_off2 + 4 - smb_wct)) { + exit_server_cleanly("Bad chained packet"); @@ -26,7 +37,7 @@ Patch to fix CVE-2010-2063. } /* -@@ -1192,6 +1200,11 @@ int chain_reply(char *inbuf,char *outbuf +@@ -1192,6 +1208,11 @@ int chain_reply(char *inbuf,char *outbuf SSVAL(outbuf,smb_vwv1,smb_offset(outbuf+outsize,outbuf)); SCVAL(outbuf,smb_vwv0,smb_com2); |