timur 2009-06-26 00:35:25 UTC
FreeBSD ports repository
Modified files:
net/samba32 Makefile distinfo pkg-plist.swat
net/samba32/files patch-Makefile.in patch-configure.in
patch-lib__iconv.c
patch-lib__replace__libreplace_cc.m4
patch-m4__aclocal.m4
patch-nsswitch__pam_winbind.c
patch-nsswitch__wins_freebsd.c
patch-smbd__quotas.c
patch-smbd__statvfs.c
patch-utils__net_time.c
Log:
Security update of net/samba32 to the 3.2.13 version.
o CVE-2009-1886:
In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing
with file names treat user input as a format string to asprintf.
With a maliciously crafted file name smbclient can be made
to execute code triggered by the server.
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data
value can potentially affect access control when "dos filemode"
is set to "yes".
Security: CVE-2009-1886, CVE-2009-1888
Revision Changes Path
1.10 +2 -3 ports/net/samba32/Makefile
1.8 +3 -3 ports/net/samba32/distinfo
1.4 +42 -4 ports/net/samba32/files/patch-Makefile.in
1.5 +2 -2 ports/net/samba32/files/patch-configure.in
1.4 +2 -2 ports/net/samba32/files/patch-lib__iconv.c
1.4 +2 -2
ports/net/samba32/files/patch-lib__replace__libreplace_cc.m4
1.4 +2 -2 ports/net/samba32/files/patch-m4__aclocal.m4
1.4 +2 -2 ports/net/samba32/files/patch-nsswitch__pam_winbind.c
1.4 +2 -2 ports/net/samba32/files/patch-nsswitch__wins_freebsd.c
1.4 +2 -2 ports/net/samba32/files/patch-smbd__quotas.c
1.4 +2 -2 ports/net/samba32/files/patch-smbd__statvfs.c
1.4 +2 -2 ports/net/samba32/files/patch-utils__net_time.c
1.5 +1 -1 ports/net/samba32/pkg-plist.swat
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscr...@freebsd.org"
