Update samba35 pacakge to 3.5.10; security fix for swat. - pkgsrc

diff options

author	taca <taca>	2011-07-27 00:52:20 +0000
committer	taca <taca>	2011-07-27 00:52:20 +0000
commit	2c708371d3a57160ca9f108c489ea91c1d3dc477 (patch)
tree	d1be01c77763a147e8dfc8690e1b385a2d534d03 /net/samba33/patches
parent	2288e3fa223a2e8f5c20ac04d879abf3b9d4e4c1 (diff)
download	pkgsrc-2c708371d3a57160ca9f108c489ea91c1d3dc477.tar.gz

Update samba35 pacakge to 3.5.10; security fix for swat.

============================== Release Notes for Samba 3.5.10 July 26, 2011 ============================== This is a security release in order to address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT). o CVE-2011-2522: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site request forgery. o CVE-2011-2694: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site scripting vulnerability. Please note that SWAT must be enabled in order for these vulnerabilities to be exploitable. By default, SWAT is *not* enabled on a Samba install. Changes since 3.5.9: -------------------- o Kai Blin <kai@samba.org> * BUG 8289: SWAT contains a cross-site scripting vulnerability. * BUG 8290: CSRF vulnerability in SWAT.

Diffstat (limited to 'net/samba33/patches')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: