From c2d370672e9560c5c6ef9e02c26aa8b1b32bc904 Mon Sep 17 00:00:00 2001 From: miwi Date: Wed, 21 Nov 2007 13:01:17 +0000 Subject: - Fix 2 Security bugs o CVS-2007-4572 Stack buffer overflow in nmbd's logon request processing. o CVE-2007-5398 Remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests. - Bump PORTREVISION Approved by: portmgr (erwin), maintainer Security: http://www.vuxml.org/freebsd/a63b15f9-97ff-11dc-9e48-0016179b2dd5.html --- net/samba3/Makefile | 6 +++++- net/samba3/distinfo | 6 ++++++ 2 files changed, 11 insertions(+), 1 deletion(-) (limited to 'net') diff --git a/net/samba3/Makefile b/net/samba3/Makefile index df02c0b095b1..52c6bea33160 100644 --- a/net/samba3/Makefile +++ b/net/samba3/Makefile @@ -7,7 +7,7 @@ PORTNAME= samba PORTVERSION?= 3.0.26a -PORTREVISION?= 1 +PORTREVISION= 2 PORTEPOCH?= 1 CATEGORIES?= net MASTER_SITES= ${MASTER_SITE_SAMBA} @@ -44,6 +44,10 @@ SAMBA_LIB= lib SAMBA_LIBDIR= ${PREFIX}/${SAMBA_LIB} SAMBA_MODULEDIR= ${SAMBA_LIBDIR}/samba +PATCH_SITES= http://us1.samba.org/samba/ftp/patches/security/ +PATCHFILES= samba-3.0.26a-CVE-2007-4572.patch samba-3.0.26a-CVE-2007-5398.patch +PATCH_DIST_STRIP= -p2 + CONFIGURE_TARGET= --build="${MACHINE_ARCH}-portbld-freebsd${OSREL}" CONFIGURE_ARGS+= --exec-prefix="${PREFIX}" \ diff --git a/net/samba3/distinfo b/net/samba3/distinfo index 41e6bbb825ff..98b61afc8206 100644 --- a/net/samba3/distinfo +++ b/net/samba3/distinfo @@ -1,3 +1,9 @@ MD5 (samba-3.0.26a.tar.gz) = 16b47e6add332e5ac4523fc88c381d06 SHA256 (samba-3.0.26a.tar.gz) = 41e11f69288b2291f12f8db093e2c55dc1360555d4542c83c0758c4c7a3d4d37 SIZE (samba-3.0.26a.tar.gz) = 18180031 +MD5 (samba-3.0.26a-CVE-2007-4572.patch) = 545990971f3f3757ee0f175170b7bcb6 +SHA256 (samba-3.0.26a-CVE-2007-4572.patch) = d960cf7d26788e87983ee7acb8af8c45d22a034c028cce619582f6a115108491 +SIZE (samba-3.0.26a-CVE-2007-4572.patch) = 8203 +MD5 (samba-3.0.26a-CVE-2007-5398.patch) = 79934d4dcc779a467697e7cf86046631 +SHA256 (samba-3.0.26a-CVE-2007-5398.patch) = 37a0181aa647de7feb888d675ea726e135bbe53bc3099076eaf0682fc1b11b05 +SIZE (samba-3.0.26a-CVE-2007-5398.patch) = 1232 -- cgit