Pullup ticket #3368 - requested by taca

net/samba35 security fix.

Revisions pulled up:
- net/samba35/Makefile                                          1.2
- net/samba35/distinfo                                          1.2
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 28 14:34:56 UTC 2011

Modified Files:
	pkgsrc/net/samba35: Makefile distinfo

Log Message:
Update samba35 pacakge to 3.5.7.

Release Announcements
=====================

Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.

o  CVE-2011-0719:
   All current released versions of Samba are vulnerable to
   a denial of service caused by memory corruption. Range
   checks on file descriptors being used in the FD_SET macro
   were not present allowing stack corruption. This can cause
   the Samba code to crash or to loop attempting to select
   on a bad file descriptor set.

   A connection to a file share, or a local account is needed
   to exploit this problem, either authenticated or unauthenticated
   (guest connection).

   Currently we do not believe this flaw is exploitable
   beyond a crash or causing the code to loop, but on the
   advice of our security reviewers we are releasing fixes
   in case an exploit is discovered at a later date.

Changes
-------

o   Jeremy Allison <jra at samba.org>
    * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.

0 files changed, 0 insertions, 0 deletions