From c4e2ac6f9342c60457400fd587e5667919d5280d Mon Sep 17 00:00:00 2001 From: cjep Date: Mon, 7 Apr 2003 16:30:47 +0000 Subject: Update to Samba 2.2.8a. Changes since 2.2.8: Digital Defense, Inc. has alerted the Samba Team to a serious vulnerability in all stable versions of Samba currently shipping. The Common Vulnerabilities and Exposures (CVE) project has assigned the ID CAN-2003-0201 to this defect. This vulnerability, if exploited correctly, leads to an anonymous user gaining root access on a Samba serving system. All versions of Samba up to and including Samba 2.2.8 are vulnerable. An active exploit of the bug has been reported in the wild. --- net/samba/Makefile.common | 4 ++-- net/samba/distinfo | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'net/samba') diff --git a/net/samba/Makefile.common b/net/samba/Makefile.common index 0118698f101..9dc8d11f0ec 100644 --- a/net/samba/Makefile.common +++ b/net/samba/Makefile.common @@ -1,7 +1,7 @@ -# $NetBSD: Makefile.common,v 1.7 2003/03/16 16:19:04 tron Exp $ +# $NetBSD: Makefile.common,v 1.8 2003/04/07 16:30:47 cjep Exp $ DISTNAME= samba-${SAMBA_DIST_VERS} -SAMBA_DIST_VERS= 2.2.8 +SAMBA_DIST_VERS= 2.2.8a WRKSRC?= ${WRKDIR}/${DISTNAME}/source CATEGORIES?= net MASTER_SITES= ftp://ftp.samba.org/pub/samba/ \ diff --git a/net/samba/distinfo b/net/samba/distinfo index e825b9e7fe6..4f0917c7a9f 100644 --- a/net/samba/distinfo +++ b/net/samba/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.27 2003/03/16 07:57:44 martti Exp $ +$NetBSD: distinfo,v 1.28 2003/04/07 16:30:47 cjep Exp $ -SHA1 (samba-2.2.8.tar.bz2) = 2c7c683a9b4cba86148e0ec40070f440afece1f1 -Size (samba-2.2.8.tar.bz2) = 4504858 bytes +SHA1 (samba-2.2.8a.tar.bz2) = f25ff456bf7ac58d32eb0209c15ce0b2fa6d7450 +Size (samba-2.2.8a.tar.bz2) = 4505672 bytes SHA1 (patch-aa) = 7f85ab121ffbcb67eb1f1c59f49245dda2eff44d SHA1 (patch-ab) = 8be47e3f277f191aff18f77d8ed5ef4d8903ec5f SHA1 (patch-ac) = cfde267ffe57046de18691f612e73ecdd1158d86 -- cgit v1.2.3