Update samba33 package to 3.3.16; security fix for swat.

============================== Release Notes for Samba 3.3.16 July 26, 2011 ============================== This is a security release in order to address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT). o CVE-2011-2522: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site request forgery. o CVE-2011-2694: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site scripting vulnerability. Please note that SWAT must be enabled in order for these vulnerabilities to be exploitable. By default, SWAT is *not* enabled on a Samba install. Changes since 3.3.15 -------------------- o Kai Blin <kai@samba.org> * BUG 8289: SWAT contains a cross-site scripting vulnerability. * BUG 8290: CSRF vulnerability in SWAT.
author: taca <taca> 2011-07-27 00:53:37 +0000
committer: taca <taca> 2011-07-27 00:53:37 +0000
commit: 2fe28aaa1f1adb571e9a181d73363a62b71bc900 (patch)
tree: 8df1eb3ae1a846cc02fd5482f42e5025c57b300d /net
parent: 2c708371d3a57160ca9f108c489ea91c1d3dc477 (diff)
download: pkgsrc-2fe28aaa1f1adb571e9a181d73363a62b71bc900.tar.gz
3 files changed, 50 insertions, 47 deletions
diff --git a/net/samba33/Makefile b/net/samba33/Makefile
index f8fc8d1ce4a..ba56089d052 100644
--- a/net/samba33/Makefile
+++ b/net/samba33/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.14 2011/04/22 13:44:27 obache Exp $
+# $NetBSD: Makefile,v 1.15 2011/07/27 00:53:37 taca Exp $
 
 .include "../../net/samba/Makefile.mirrors"
 
 DISTNAME=		samba-${VERSION}
-PKGREVISION=		1
 CATEGORIES=		net
 MASTER_SITES=		${SAMBA_MIRRORS:=old-versions/}
 
@@ -12,7 +11,7 @@ HOMEPAGE=		http://www.samba.org/
 COMMENT=		SMB/CIFS protocol server suite
 LICENSE=		gnu-gpl-v3
 
-VERSION=		3.3.15
+VERSION=		3.3.16
 CONFLICTS+=		ja-samba-[0-9]* pam-smbpass-[0-9]* tdb-[0-9]*	\
 			winbind-[0-9]*
 MAKE_JOBS_SAFE=		NO
diff --git a/net/samba33/distinfo b/net/samba33/distinfo
index d7635e0f448..2ace38c56e3 100644
--- a/net/samba33/distinfo
+++ b/net/samba33/distinfo
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.6 2011/02/28 14:34:09 taca Exp $
+$NetBSD: distinfo,v 1.7 2011/07/27 00:53:37 taca Exp $
 
-SHA1 (samba-3.3.15.tar.gz) = b555ee27f69f943982f92de771e9e094615712c1
-RMD160 (samba-3.3.15.tar.gz) = af83e6c26d550d6ddc8a1000cb72ed9b8fc9d124
-Size (samba-3.3.15.tar.gz) = 25591883 bytes
+SHA1 (samba-3.3.16.tar.gz) = bfb06f2cd88ba6c2fb9d25cabf3b22bf1a402f08
+RMD160 (samba-3.3.16.tar.gz) = 30e181de0e5399503cad3e09f3dd172a0fc6a011
+Size (samba-3.3.16.tar.gz) = 25566685 bytes
 SHA1 (patch-aa) = 35b1e645bd3d023cd8b6ecde383dac290509ca07
 SHA1 (patch-ab) = 0372ff2e3caca866dacd6ed25ae1d02e34a5b567
 SHA1 (patch-ac) = dfddc9fa7f76126e523c7859ac66ce9dd432d732
 SHA1 (patch-ad) = 447aaf4ea4cc98f0ccd5a3a22e1ffec0e69a3971
 SHA1 (patch-ae) = 6698c698dc64c0f3df159157d182eae6aaa70958
-SHA1 (patch-af) = 02293c56207899656fea2516101f2541e1939dcd
+SHA1 (patch-af) = 2c668c3bcc2fd90be65ef226acd1fec03dff9a91
 SHA1 (patch-ag) = ef8421c3d17deeb0a4621ed50a57b51c755fdd1f
 SHA1 (patch-ah) = d8603bf8ed0e93070dd9d86cb229d8494fde937b
 SHA1 (patch-ai) = 07619c24084bfa380302a5c215ba5283d7be94a8
diff --git a/net/samba33/patches/patch-af b/net/samba33/patches/patch-af
index afd7c90a41b..7a96ee74c8d 100644
--- a/net/samba33/patches/patch-af
+++ b/net/samba33/patches/patch-af
@@ -1,8 +1,8 @@
-$NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
+$NetBSD: patch-af,v 1.2 2011/07/27 00:53:37 taca Exp $
 
---- configure.orig	2010-01-14 10:38:54.000000000 +0000
+--- configure.orig	2011-07-24 19:11:21.000000000 +0000
 +++ configure
-@@ -899,6 +899,7 @@ with_fhs
+@@ -857,6 +857,7 @@ with_fhs
  with_privatedir
  with_rootsbindir
  with_lockdir
@@ -10,7 +10,7 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
  with_piddir
  with_swatdir
  with_configdir
-@@ -1637,6 +1638,8 @@ Optional Packages:
+@@ -1584,6 +1585,8 @@ Optional Packages:
                            ($ac_default_prefix/sbin)
    --with-lockdir=DIR      Where to put lock files
                            ($ac_default_prefix/var/locks)
@@ -19,7 +19,7 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
    --with-piddir=DIR       Where to put pid files
                            ($ac_default_prefix/var/locks)
    --with-swatdir=DIR      Where to put SWAT files ($ac_default_prefix/swat)
-@@ -2403,6 +2406,7 @@ echo "LIBREPLACE_LOCATION_CHECKS: END"
+@@ -2989,6 +2992,7 @@ echo "LIBREPLACE_LOCATION_CHECKS: END"
  
  rootsbindir="\${SBINDIR}"
  lockdir="\${VARDIR}/locks"
@@ -27,17 +27,27 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
  piddir="\${VARDIR}/locks"
  test "${mandir}" || mandir="\${prefix}/man"
  logfilebase="\${VARDIR}"
-@@ -2422,7 +2426,8 @@ localedir="\${prefix}/share/locale"
- if test "${with_fhs+set}" = set; then
+@@ -3008,7 +3012,7 @@ localedir="\${prefix}/share/locale"
+ if test "${with_fhs+set}" = set; then :
    withval=$with_fhs;  case "$withval" in
    yes)
 -    lockdir="\${VARDIR}/lib/samba"
 +    lockdir="\${VARDIR}/run/samba"
-+    statedir="\${VARDIR}/db/samba"
      piddir="\${VARDIR}/run"
      mandir="\${prefix}/share/man"
      logfilebase="\${VARDIR}/log/samba"
-@@ -2505,6 +2510,26 @@ fi
+@@ -3018,8 +3022,8 @@ if test "${with_fhs+set}" = set; then :
+     configdir="\${sysconfdir}/samba"
+     swatdir="\${DATADIR}/samba/swat"
+     codepagedir="\${MODULESDIR}"
+-    statedir="\${VARDIR}/lib/samba"
+-    cachedir="\${VARDIR}/lib/samba"
++    statedir="\${VARDIR}/db/samba"
++    cachedir="\${VARDIR}/db/samba"
+ 
+ $as_echo "#define FHS_COMPATIBLE 1" >>confdefs.h
+ 
+@@ -3089,6 +3093,26 @@ fi
  
  
  #################################################
@@ -64,29 +74,29 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
  # set pid directory location
  
  # Check whether --with-piddir was given.
-@@ -40236,7 +40261,7 @@ done
- 
- 
+@@ -14426,7 +14450,7 @@ _ACEOF
+ fi
+ done
  
 -for ac_func in getdents getdents64
 +for ac_func in getdents getdents64 getpwent_r
- do
- as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
- { $as_echo "$as_me:$LINENO: checking for $ac_func" >&5
-@@ -60703,9 +60728,9 @@ LIBS="-lcrypto $KRB5_LIBS  $LIBS"
+ do :
+   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+@@ -23165,9 +23189,9 @@ LIBS="-lcrypto $KRB5_LIBS  $LIBS"
  
  
  
--        { $as_echo "$as_me:$LINENO: checking for des_set_key in -lcrypto" >&5
+-        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for des_set_key in -lcrypto" >&5
 -$as_echo_n "checking for des_set_key in -lcrypto... " >&6; }
--if test "${ac_cv_lib_ext_crypto_des_set_key+set}" = set; then
-+        { $as_echo "$as_me:$LINENO: checking for EVP_des_cbc -lcrypto" >&5
+-if test "${ac_cv_lib_ext_crypto_des_set_key+set}" = set; then :
++        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_des_cbc in -lcrypto" >&5
 +$as_echo_n "checking for EVP_des_cbc in -lcrypto... " >&6; }
-+if test "${ac_cv_lib_ext_crypto_EVP_des_cbc+set}" = set; then
++if test "${ac_cv_lib_ext_crypto_EVP_des_cbc+set}" = set; then :
    $as_echo_n "(cached) " >&6
  else
-   cat >conftest.$ac_ext <<_ACEOF
-@@ -60721,11 +60746,11 @@ cat >>conftest.$ac_ext <<_ACEOF
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+@@ -23179,31 +23203,31 @@ else
  #ifdef __cplusplus
  extern "C"
  #endif
@@ -100,39 +110,33 @@ $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $
    ;
    return 0;
  }
-@@ -60751,13 +60776,13 @@ $as_echo "$ac_try_echo") >&5
- 	 test "$cross_compiling" = yes ||
- 	 $as_test_x conftest$ac_exeext
-        }; then
+ _ACEOF
+ if ac_fn_c_try_link "$LINENO"; then :
 -  ac_cv_lib_ext_crypto_des_set_key=yes;
 +  ac_cv_lib_ext_crypto_EVP_des_cbc=yes;
  		  ac_cv_lib_ext_crypto=yes
  else
-   $as_echo "$as_me: failed program was:" >&5
- sed 's/^/| /' conftest.$ac_ext >&5
- 
--	ac_cv_lib_ext_crypto_des_set_key=no;
-+	ac_cv_lib_ext_crypto_EVP_des_cbc=no;
+-  ac_cv_lib_ext_crypto_des_set_key=no;
++  ac_cv_lib_ext_crypto_EVP_des_cbc=no;
  		  ac_cv_lib_ext_crypto=no
  fi
- 
-@@ -60766,11 +60791,11 @@ rm -f core conftest.err conftest.$ac_obj
-       conftest$ac_exeext conftest.$ac_ext
+ rm -f core conftest.err conftest.$ac_objext \
+     conftest$ac_exeext conftest.$ac_ext
  
  fi
--{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_ext_crypto_des_set_key" >&5
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_des_set_key" >&5
 -$as_echo "$ac_cv_lib_ext_crypto_des_set_key" >&6; }
--    if test $ac_cv_lib_ext_crypto_des_set_key = yes; then
-+{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5
+-    if test $ac_cv_lib_ext_crypto_des_set_key = yes; then :
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5
 +$as_echo "$ac_cv_lib_ext_crypto_EVP_des_cbc" >&6; }
-+    if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then
++    if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then :
    cat >>confdefs.h <<_ACEOF
 -#define HAVE_DES_SET_KEY 1
 +#define HAVE_EVP_DES_CBC 1
  _ACEOF
  
  fi
-@@ -76724,31 +76749,39 @@ case "$host_os" in
+@@ -32397,31 +32421,39 @@ case "$host_os" in
  		NSSSONAMEVERSIONSUFFIX=".2"
  		WINBIND_NSS_EXTRA_OBJS="nsswitch/winbind_nss_linux.o"
  		;;
author	taca <taca>	2011-07-27 00:53:37 +0000
committer	taca <taca>	2011-07-27 00:53:37 +0000
commit	2fe28aaa1f1adb571e9a181d73363a62b71bc900 (patch)
tree	8df1eb3ae1a846cc02fd5482f42e5025c57b300d /net
parent	2c708371d3a57160ca9f108c489ea91c1d3dc477 (diff)
download	pkgsrc-2fe28aaa1f1adb571e9a181d73363a62b71bc900.tar.gz