diff options
author | sbd <sbd> | 2011-03-03 07:26:41 +0000 |
---|---|---|
committer | sbd <sbd> | 2011-03-03 07:26:41 +0000 |
commit | 46847d6e3e34e63d361a20e71e51e28330fcc472 (patch) | |
tree | e361baa49f6e75f9cae47cb577ea181032a1291a /pkgtools | |
parent | 15a53dd3ef93bc5185ca6c0b2734cbc9a5af9af2 (diff) | |
download | pkgsrc-46847d6e3e34e63d361a20e71e51e28330fcc472.tar.gz |
Pullup ticket #3368 - requested by taca
net/samba35 security fix.
Revisions pulled up:
- net/samba35/Makefile 1.2
- net/samba35/distinfo 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 28 14:34:56 UTC 2011
Modified Files:
pkgsrc/net/samba35: Makefile distinfo
Log Message:
Update samba35 pacakge to 3.5.7.
Release Announcements
=====================
Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.
o CVE-2011-0719:
All current released versions of Samba are vulnerable to
a denial of service caused by memory corruption. Range
checks on file descriptors being used in the FD_SET macro
were not present allowing stack corruption. This can cause
the Samba code to crash or to loop attempting to select
on a bad file descriptor set.
A connection to a file share, or a local account is needed
to exploit this problem, either authenticated or unauthenticated
(guest connection).
Currently we do not believe this flaw is exploitable
beyond a crash or causing the code to loop, but on the
advice of our security reviewers we are releasing fixes
in case an exploit is discovered at a later date.
Changes
-------
o Jeremy Allison <jra at samba.org>
* BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
Diffstat (limited to 'pkgtools')
0 files changed, 0 insertions, 0 deletions