==============================
Release Notes for Samba 3.3.16
July 26, 2011
==============================
This is a security release in order to address
CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).
o CVE-2011-2522:
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 3.5.9 is affected by a cross-site request forgery.
o CVE-2011-2694:
The Samba Web Administration Tool (SWAT) in Samba versions
3.0.x to 3.5.9 is affected by a cross-site scripting
vulnerability.
Please note that SWAT must be enabled in order for these
vulnerabilities to be exploitable. By default, SWAT
is *not* enabled on a Samba install.
Changes since 3.3.15
--------------------
o Kai Blin <kai@samba.org>
* BUG 8289: SWAT contains a cross-site scripting vulnerability.
* BUG 8290: CSRF vulnerability in SWAT.
Changes since 3.3.10
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 6557: Fix vfs_full_audit.
* BUG 7036: Fix 'net rpc getsid' in hardened Windows environments.
* BUG 7045: Fix bad (non memory copying) interfaces in smbc_setXXXX calls.
* BUG 7067: Fix failing of smbd to respond to a read or a write caused by
Linux asynchronous IO (aio).
* BUG 7072: Fix unlocking of accounts from ldap.
* BUG 7104: "wide links" and "unix extensions" are incompatible.
* BUG 7122: Fix reading of large browselist.
* BUG 7154: "mangling method = hash" can crash storing a name containing
a '.'.
* BUG 7155: Valgrind Conditional jump or move depends on uninitialised
value(s) error when "mangling method = hash".
o Gunther Deschner <gd@samba.org>
* BUG 7043: Fix crash bug in "SMBC_parse_path".
o Volker Lendecke <vl@samba.org>
* BUG 5626: Fix build on AIX.
* BUG 5885: Fix bogus ip address in SWAT.
* BUG 7046: Fix a crash in libsmbclient used against the OpenSolaris CIFS
server.
o Stefan Metzmacher <metze@samba.org>
* BUG 7098: Fix results of 'smbclient -L' with a large browse list.
* BUG 7170: Fix handling of external domains in setups with one way trusts.
o William Jojo <w.jojo@hvcc.edu>
* BUG 7052: Fix DFS on AIX (maybe others).
o Bo Yang <boyang@samba.org>
* BUG 7106: Fix malformed require_membership_of_sid.
This isn't the latest release, but it is the supported release with the
minimal difference from the current package.
Since the changes are too extensive to list here, please refer to the
individual release notes:
http://www.samba.org/samba/history/
This package also already contains the fix for CVE-2009-3297.