Update samba33 package to 3.3.16; security fix for swat.

============================== Release Notes for Samba 3.3.16 July 26, 2011 ============================== This is a security release in order to address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT). o CVE-2011-2522: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site request forgery. o CVE-2011-2694: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site scripting vulnerability. Please note that SWAT must be enabled in order for these vulnerabilities to be exploitable. By default, SWAT is *not* enabled on a Samba install. Changes since 3.3.15 -------------------- o Kai Blin <kai@samba.org> * BUG 8289: SWAT contains a cross-site scripting vulnerability. * BUG 8290: CSRF vulnerability in SWAT.
author: taca <taca> 2011-07-27 00:53:37 +0000
committer: taca <taca> 2011-07-27 00:53:37 +0000
commit: 2fe28aaa1f1adb571e9a181d73363a62b71bc900 (patch)
tree: 8df1eb3ae1a846cc02fd5482f42e5025c57b300d /net/samba33/patches
parent: 2c708371d3a57160ca9f108c489ea91c1d3dc477 (diff)
download: pkgsrc-2fe28aaa1f1adb571e9a181d73363a62b71bc900.tar.gz
1 files changed, 43 insertions, 39 deletions
diff --git a/net/samba33/patches/patch-af b/net/samba33/patches/patch-af
index afd7c90a41b..7a96ee74c8d 100644
--- a/net/samba33/patches/patch-af
+++ b/net/samba33/patches/patch-af
@@ -1,8 +1,8 @@
-$NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
+$NetBSD: patch-af,v 1.2 2011/07/27 00:53:37 taca Exp $
 
---- configure.orig	2010-01-14 10:38:54.000000000 +0000
+--- configure.orig	2011-07-24 19:11:21.000000000 +0000
 +++ configure
-@@ -899,6 +899,7 @@ with_fhs
+@@ -857,6 +857,7 @@ with_fhs
  with_privatedir
  with_rootsbindir
  with_lockdir
@@ -10,7 +10,7 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
  with_piddir
  with_swatdir
  with_configdir
-@@ -1637,6 +1638,8 @@ Optional Packages:
+@@ -1584,6 +1585,8 @@ Optional Packages:
                            ($ac_default_prefix/sbin)
    --with-lockdir=DIR      Where to put lock files
                            ($ac_default_prefix/var/locks)
@@ -19,7 +19,7 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
    --with-piddir=DIR       Where to put pid files
                            ($ac_default_prefix/var/locks)
    --with-swatdir=DIR      Where to put SWAT files ($ac_default_prefix/swat)
-@@ -2403,6 +2406,7 @@ echo "LIBREPLACE_LOCATION_CHECKS: END"
+@@ -2989,6 +2992,7 @@ echo "LIBREPLACE_LOCATION_CHECKS: END"
  
  rootsbindir="\${SBINDIR}"
  lockdir="\${VARDIR}/locks"
@@ -27,17 +27,27 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
  piddir="\${VARDIR}/locks"
  test "${mandir}" || mandir="\${prefix}/man"
  logfilebase="\${VARDIR}"
-@@ -2422,7 +2426,8 @@ localedir="\${prefix}/share/locale"
- if test "${with_fhs+set}" = set; then
+@@ -3008,7 +3012,7 @@ localedir="\${prefix}/share/locale"
+ if test "${with_fhs+set}" = set; then :
    withval=$with_fhs;  case "$withval" in
    yes)
 -    lockdir="\${VARDIR}/lib/samba"
 +    lockdir="\${VARDIR}/run/samba"
-+    statedir="\${VARDIR}/db/samba"
      piddir="\${VARDIR}/run"
      mandir="\${prefix}/share/man"
      logfilebase="\${VARDIR}/log/samba"
-@@ -2505,6 +2510,26 @@ fi
+@@ -3018,8 +3022,8 @@ if test "${with_fhs+set}" = set; then :
+     configdir="\${sysconfdir}/samba"
+     swatdir="\${DATADIR}/samba/swat"
+     codepagedir="\${MODULESDIR}"
+-    statedir="\${VARDIR}/lib/samba"
+-    cachedir="\${VARDIR}/lib/samba"
++    statedir="\${VARDIR}/db/samba"
++    cachedir="\${VARDIR}/db/samba"
+ 
+ $as_echo "#define FHS_COMPATIBLE 1" >>confdefs.h
+ 
+@@ -3089,6 +3093,26 @@ fi
  
  
  #################################################
@@ -64,29 +74,29 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
  # set pid directory location
  
  # Check whether --with-piddir was given.
-@@ -40236,7 +40261,7 @@ done
- 
- 
+@@ -14426,7 +14450,7 @@ _ACEOF
+ fi
+ done
  
 -for ac_func in getdents getdents64
 +for ac_func in getdents getdents64 getpwent_r
- do
- as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
- { $as_echo "$as_me:$LINENO: checking for $ac_func" >&5
-@@ -60703,9 +60728,9 @@ LIBS="-lcrypto $KRB5_LIBS  $LIBS"
+ do :
+   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+@@ -23165,9 +23189,9 @@ LIBS="-lcrypto $KRB5_LIBS  $LIBS"
  
  
  
--        { $as_echo "$as_me:$LINENO: checking for des_set_key in -lcrypto" >&5
+-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for des_set_key in -lcrypto" >&5
 -$as_echo_n "checking for des_set_key in -lcrypto... " >&6; }
--if test "${ac_cv_lib_ext_crypto_des_set_key+set}" = set; then
-+        { $as_echo "$as_me:$LINENO: checking for EVP_des_cbc -lcrypto" >&5
+-if test "${ac_cv_lib_ext_crypto_des_set_key+set}" = set; then :
++        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_des_cbc in -lcrypto" >&5
 +$as_echo_n "checking for EVP_des_cbc in -lcrypto... " >&6; }
-+if test "${ac_cv_lib_ext_crypto_EVP_des_cbc+set}" = set; then
++if test "${ac_cv_lib_ext_crypto_EVP_des_cbc+set}" = set; then :
    $as_echo_n "(cached) " >&6
  else
-   cat >conftest.$ac_ext <<_ACEOF
-@@ -60721,11 +60746,11 @@ cat >>conftest.$ac_ext <<_ACEOF
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+@@ -23179,31 +23203,31 @@ else
  #ifdef __cplusplus
  extern "C"
  #endif
@@ -100,39 +110,33 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
    ;
    return 0;
  }
-@@ -60751,13 +60776,13 @@ $as_echo "$ac_try_echo") >&5
- 	 test "$cross_compiling" = yes ||
- 	 $as_test_x conftest$ac_exeext
-        }; then
+ _ACEOF
+ if ac_fn_c_try_link "$LINENO"; then :
 -  ac_cv_lib_ext_crypto_des_set_key=yes;
 +  ac_cv_lib_ext_crypto_EVP_des_cbc=yes;
  		  ac_cv_lib_ext_crypto=yes
  else
-   $as_echo "$as_me: failed program was:" >&5
- sed 's/^/| /' conftest.$ac_ext >&5
- 
--	ac_cv_lib_ext_crypto_des_set_key=no;
-+	ac_cv_lib_ext_crypto_EVP_des_cbc=no;
+-  ac_cv_lib_ext_crypto_des_set_key=no;
++  ac_cv_lib_ext_crypto_EVP_des_cbc=no;
  		  ac_cv_lib_ext_crypto=no
  fi
- 
-@@ -60766,11 +60791,11 @@ rm -f core conftest.err conftest.$ac_obj
-       conftest$ac_exeext conftest.$ac_ext
+ rm -f core conftest.err conftest.$ac_objext \
+     conftest$ac_exeext conftest.$ac_ext
  
  fi
--{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_ext_crypto_des_set_key" >&5
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_des_set_key" >&5
 -$as_echo "$ac_cv_lib_ext_crypto_des_set_key" >&6; }
--    if test $ac_cv_lib_ext_crypto_des_set_key = yes; then
-+{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5
+-    if test $ac_cv_lib_ext_crypto_des_set_key = yes; then :
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5
 +$as_echo "$ac_cv_lib_ext_crypto_EVP_des_cbc" >&6; }
-+    if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then
++    if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then :
    cat >>confdefs.h <<_ACEOF
 -#define HAVE_DES_SET_KEY 1
 +#define HAVE_EVP_DES_CBC 1
  _ACEOF
  
  fi
-@@ -76724,31 +76749,39 @@ case "$host_os" in
+@@ -32397,31 +32421,39 @@ case "$host_os" in
  		NSSSONAMEVERSIONSUFFIX=".2"
  		WINBIND_NSS_EXTRA_OBJS="nsswitch/winbind_nss_linux.o"
  		;;
author	taca <taca>	2011-07-27 00:53:37 +0000
committer	taca <taca>	2011-07-27 00:53:37 +0000
commit	2fe28aaa1f1adb571e9a181d73363a62b71bc900 (patch)
tree	8df1eb3ae1a846cc02fd5482f42e5025c57b300d /net/samba33/patches
parent	2c708371d3a57160ca9f108c489ea91c1d3dc477 (diff)
download	pkgsrc-2fe28aaa1f1adb571e9a181d73363a62b71bc900.tar.gz