Commit graph

24 commits

Author SHA1 Message Date
taca
e003ca815c Update samba35 package to 3.5.15.
==============================
                   Release Notes for Samba 3.5.15
			   April 30, 2012
                   ==============================


This is a security release in order to address
CVE-2012-2111 (Incorrect permission checks when granting/removing
privileges can compromise file server security).

o  CVE-2012-2111:
   Samba 3.4.x to 3.6.4 are affected by a
   vulnerability that allows arbitrary users
   to modify privileges on a file server.
2012-05-02 14:50:19 +00:00
asau
9b61131448 Update to Samba 3.5.14
This is a security release in order to address
CVE-2012-1182 ("root" credential remote code execution).

o  CVE-2012-1182:
   Samba 3.0.x to 3.6.3 are affected by a
   vulnerability that allows remote code
   execution as the "root" user.

Changes since 3.5.13:
---------------------

o   Stefan Metzmacher <metze@samba.org>
    *BUG 8815: PIDL based autogenerated code allows overwriting beyond of
     allocated array (CVE-2012-1182).
2012-04-11 09:36:21 +00:00
abs
a3239be7d9 Add a buildlink for anyone who needs samba 3.5 2012-03-18 17:31:53 +00:00
adam
698b757f71 Changes 3.5.13:
* BUG 8327: Fix config reload to reload shares from registry.
* BUG 8139: Ignore SMBecho errors.
* BUG 8521: Fix Winbind cache timeout expiry test.
* BUG 8561: Fully observe password change settings.
* BUG 8631: Fix POSIX ACE x permission mapping to and from a DACL.
* BUG 8636: When returning an ACL without SECINFO_DACL requested, we still
  set SEC_DESC_DACL_PRESENT in the type field.
* BUG 8644: Make sure that vfs_acl_xattr and vfs_acl_tdb modules add
  inheritable entries on a directory with no stored ACL.
* BUG 8663: Fix deleting a symlink if the symlink target is outside of the
* share.
* BUG 8664: Fix renaming a symlink if the symlink target is outside of the
  share.
* BUG 8673: Fix NT ACL issue.
* BUG 8679: Make sure that recvfile code path using splice() on Linux
  does not leave data in the pipe on short write.
* BUG 8687: Fix typo in 'net memberships' usage.
2012-03-13 12:40:53 +00:00
sbd
bd942346b6 nss module install fix-ups .
Now that samba-nss-winbind-install and samba-nss-wins-install work again.

1) Switch back to using the the above mentioned targets for installing
   nss-winbind and nss_wins.  (These targets work on all platforms.)
2) Switch back to using ${NSS_WINBIND} and ${NSS_WINS} in the PLIST as
   these work on all platforms.

Bump PKGREVISION
2012-02-01 08:32:01 +00:00
sbd
99db8e994f Add missing zlib buildlink.
Bump PKGREVISION.
2012-01-31 07:42:15 +00:00
sbd
4b9a688a73 Add PLIST.Linux 2012-01-31 07:28:58 +00:00
adam
458adf3831 PLIST fix for other OSes other than NetBSD 2012-01-27 14:32:02 +00:00
sbd
1e38404e66 Convert packages with add --libdir=* to CONFIGURE_ARGS to use
GNU_CONFIGURE_LIBDIR or GNU_CONFIGURE_LIBSUBDIR.
2012-01-17 21:43:18 +00:00
manu
887c6bf239 Restore build on latest netbsd-5 by making sure utimensat(2) is not used. 2012-01-09 05:18:46 +00:00
asau
d0fc9f7b68 Update to Samba 3.5.12
This is the latest stable release of Samba 3.5.

Major enhancements in Samba 3.5.12 include:

o  Fix race condition in Winbind (bug 7844).
o  The VFS ACL modules are no longer experimental but production-ready.

See full release notes at http://www.samba.org/samba/history/samba-3.5.12.html
2011-12-16 23:21:45 +00:00
jmcneill
8fea200561 integrate the patch from the following url:
http://www.ogris.de/samba/unix-active-directory.html
and install nss_winbind. bump PKGREVISION.
2011-10-11 20:30:00 +00:00
adam
eafacaa1b1 Explicitly depend on gettext-lib; use BROKEN_GETTEXT_DETECTION=yes, because configure does not check for -lintl 2011-09-30 13:41:33 +00:00
adam
02fc748429 Changes 3.5.11:
* Fix access to Samba shares when Windows security patch KB2536276 is installed
* Fix DoS in Winbind and smbd with many file descriptors open
* Fix Winbind panics if verify_idpool() fails
2011-08-05 09:51:45 +00:00
apb
908a761e32 Fix an infinite loop in the configure script's test for
"checking for replacing readdir using getdirentries()".
The functions in samba-3.5.10/lib/replace/repdir_getdirentries.c
fail on NetBSD 5.99.54, and the test code in
samba-3.5.10/lib/replace/test/os2_delete.c
did not handle the failure.

Not bumping PKGREVISION, because this affects only the
configure script, and the package did not build on
NetBSD-current before.
2011-08-01 08:42:39 +00:00
taca
74098265ab Update samba35 pacakge to 3.5.10; security fix for swat.
==============================
                   Release Notes for Samba 3.5.10
			   July 26, 2011
                   ==============================


This is a security release in order to address
CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).


o  CVE-2011-2522:
   The Samba Web Administration Tool (SWAT) in Samba versions
   3.0.x to 3.5.9 are affected by a cross-site request forgery.


o  CVE-2011-2694:
   The Samba Web Administration Tool (SWAT) in Samba versions
   3.0.x to 3.5.9 are affected by a cross-site scripting
   vulnerability.

Please note that SWAT must be enabled in order for these
vulnerabilities to be exploitable. By default, SWAT
is *not* enabled on a Samba install.


Changes since 3.5.9:
--------------------


o   Kai Blin <kai@samba.org>
    * BUG 8289: SWAT contains a cross-site scripting vulnerability.
    * BUG 8290: CSRF vulnerability in SWAT.
2011-07-27 00:52:20 +00:00
wiz
9636de951a Fix PLIST with -winbind, fixes PR 45121 by John D. Baker. 2011-07-10 17:03:15 +00:00
adam
9f8039f0de Major enhancements in Samba 3.5.9 include:
* Sgid bit lost on folder rename.
* ACL can get lost when files are being renamed.
* Respect "allow trusted domains = no" in Winbind.
2011-06-15 11:45:08 +00:00
obache
0e2c97799a recursive bump from gettext-lib shlib bump. 2011-04-22 13:41:54 +00:00
taca
78f45373ff Explicitly disable merged build option (samba4).
Reflects discussion by PR pkg/44786.
2011-03-31 13:57:30 +00:00
adam
3b06596d88 Changes 3.5.8:
* Fix Winbind crash bug when no DC is available
* Fix finding users on domain members
* Fix memory leaks in Winbind
* Fix printing with Windows 7 clients
2011-03-08 08:30:07 +00:00
sbd
e1767a0add Add --with-cifsumount to CONFIGURE_ARGS on Linux systems in order to build
umount.cifs
2011-03-01 11:28:59 +00:00
taca
f90d172f83 Update samba35 pacakge to 3.5.7.
Release Announcements
=====================

Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to
address CVE-2011-0719.


o  CVE-2011-0719:
   All current released versions of Samba are vulnerable to
   a denial of service caused by memory corruption. Range
   checks on file descriptors being used in the FD_SET macro
   were not present allowing stack corruption. This can cause
   the Samba code to crash or to loop attempting to select
   on a bad file descriptor set.

   A connection to a file share, or a local account is needed
   to exploit this problem, either authenticated or unauthenticated
   (guest connection).

   Currently we do not believe this flaw is exploitable
   beyond a crash or causing the code to loop, but on the
   advice of our security reviewers we are releasing fixes
   in case an exploit is discovered at a later date.


Changes
-------


o   Jeremy Allison <jra at samba.org>
    * BUG 7949: Fix DoS in Winbind and smbd with many file descriptors open.
2011-02-28 14:34:56 +00:00
adam
25d06b98ae Samba provides file and print services for Microsoft Windows clients.
These services may be hosted off any TCP/IP-enabled platform.  The
Samba project includes not only an impressive feature set in file and
print serving capabilities, but has been extended to include client
functionality, utilities to ease migration to Samba, tools to aid
interoperability with Microsoft Windows, and administration tools.
2010-12-06 17:01:22 +00:00