From 36186a66964e810937933886bcaa238edac94462 Mon Sep 17 00:00:00 2001 From: sbd Date: Tue, 1 Mar 2011 09:09:03 +0000 Subject: Pullup ticket #3367 - requested by taca net/samba33 security fix. Revisions pulled up: - net/samba33/Makefile 1.13 - net/samba33/distinfo 1.6 --- Module Name: pkgsrc Module Name: pkgsrc Committed By: taca Date: Mon Feb 28 14:34:09 UTC 2011 Modified Files: pkgsrc/net/samba33: Makefile distinfo Log Message: Update samba33 pacakge to 3.3.15. Release Announcements ===================== Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to address CVE-2011-0719. o CVE-2011-0719: All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated (guest connection). Currently we do not believe this flaw is exploitable beyond a crash or causing the code to loop, but on the advice of our security reviewers we are releasing fixes in case an exploit is discovered at a later date. Changes ------- o Jeremy Allison * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open. --- net/samba33/Makefile | 5 ++--- net/samba33/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/net/samba33/Makefile b/net/samba33/Makefile index 0e6f6643cac..0b6b904eb35 100644 --- a/net/samba33/Makefile +++ b/net/samba33/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.12 2010/12/03 23:43:15 jmcneill Exp $ +# $NetBSD: Makefile,v 1.12.2.1 2011/03/01 09:09:03 sbd Exp $ .include "../../net/samba/Makefile.mirrors" DISTNAME= samba-${VERSION} -PKGREVISION= 1 CATEGORIES= net MASTER_SITES= ${SAMBA_MIRRORS:=old-versions/} @@ -12,7 +11,7 @@ HOMEPAGE= http://www.samba.org/ COMMENT= SMB/CIFS protocol server suite LICENSE= gnu-gpl-v3 -VERSION= 3.3.14 +VERSION= 3.3.15 CONFLICTS+= ja-samba-[0-9]* pam-smbpass-[0-9]* tdb-[0-9]* \ winbind-[0-9]* MAKE_JOBS_SAFE= NO diff --git a/net/samba33/distinfo b/net/samba33/distinfo index b0bee250996..01431993a24 100644 --- a/net/samba33/distinfo +++ b/net/samba33/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.5 2010/09/14 13:08:23 taca Exp $ +$NetBSD: distinfo,v 1.5.4.1 2011/03/01 09:09:03 sbd Exp $ -SHA1 (samba-3.3.14.tar.gz) = 93a85b484066a9bda306d4283ee1d3e1ed7fe4a5 -RMD160 (samba-3.3.14.tar.gz) = 5e6cb798e35395913f57161916977f89ad4770af -Size (samba-3.3.14.tar.gz) = 25595811 bytes +SHA1 (samba-3.3.15.tar.gz) = b555ee27f69f943982f92de771e9e094615712c1 +RMD160 (samba-3.3.15.tar.gz) = af83e6c26d550d6ddc8a1000cb72ed9b8fc9d124 +Size (samba-3.3.15.tar.gz) = 25591883 bytes SHA1 (patch-aa) = 35b1e645bd3d023cd8b6ecde383dac290509ca07 SHA1 (patch-ab) = 0372ff2e3caca866dacd6ed25ae1d02e34a5b567 SHA1 (patch-ac) = dfddc9fa7f76126e523c7859ac66ce9dd432d732 -- cgit v1.2.3