cvs commit: ports/net/samba32 Makefile distinfo pkg-plist.swat
ports/net/samba32/files patch-Makefile.in patch-configure.in
patch-lib__iconv.c patch-lib__replace__libreplace_cc.m4 patch-m4__aclocal.m4
patch-nsswitch__pam_winbind.c patch-nsswitch__wins_freebsd.c
patch-smbd__quotas.c ...
Timur I. Bakeyev
timur at FreeBSD.org
Fri Jun 26 00:35:26 UTC 2009
timur 2009-06-26 00:35:25 UTC
FreeBSD ports repository
Modified files:
net/samba32 Makefile distinfo pkg-plist.swat
net/samba32/files patch-Makefile.in patch-configure.in
patch-lib__iconv.c
patch-lib__replace__libreplace_cc.m4
patch-m4__aclocal.m4
patch-nsswitch__pam_winbind.c
patch-nsswitch__wins_freebsd.c
patch-smbd__quotas.c
patch-smbd__statvfs.c
patch-utils__net_time.c
Log:
Security update of net/samba32 to the 3.2.13 version.
o CVE-2009-1886:
In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing
with file names treat user input as a format string to asprintf.
With a maliciously crafted file name smbclient can be made
to execute code triggered by the server.
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data
value can potentially affect access control when "dos filemode"
is set to "yes".
Security: CVE-2009-1886, CVE-2009-1888
Revision Changes Path
1.10 +2 -3 ports/net/samba32/Makefile
1.8 +3 -3 ports/net/samba32/distinfo
1.4 +42 -4 ports/net/samba32/files/patch-Makefile.in
1.5 +2 -2 ports/net/samba32/files/patch-configure.in
1.4 +2 -2 ports/net/samba32/files/patch-lib__iconv.c
1.4 +2 -2 ports/net/samba32/files/patch-lib__replace__libreplace_cc.m4
1.4 +2 -2 ports/net/samba32/files/patch-m4__aclocal.m4
1.4 +2 -2 ports/net/samba32/files/patch-nsswitch__pam_winbind.c
1.4 +2 -2 ports/net/samba32/files/patch-nsswitch__wins_freebsd.c
1.4 +2 -2 ports/net/samba32/files/patch-smbd__quotas.c
1.4 +2 -2 ports/net/samba32/files/patch-smbd__statvfs.c
1.4 +2 -2 ports/net/samba32/files/patch-utils__net_time.c
1.5 +1 -1 ports/net/samba32/pkg-plist.swat
More information about the cvs-ports
mailing list