./net/samba, SMB/CIFS protocol server suite

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.6.25, Package name: samba-3.6.25, Maintainer: pkgsrc-users

Samba provides file and print services for Microsoft Windows clients.
These services may be hosted off any TCP/IP-enabled platform. The
Samba project includes not only an impressive feature set in file and
print serving capabilities, but has been extended to include client
functionality, utilities to ease migration to Samba, tools to aid
interoperability with Microsoft Windows, and administration tools.

DEINSTALL.nss_winbind [+/-]

Required to run:
[databases/tdb] [lang/perl5] [devel/popt] [devel/readline]


Package options: ads, ldap, pam, winbind

Master sites: (Expand)

SHA1: 86fbfcfe80454cc7dbe510e7d58c02922cac3efa
RMD160: 4df673ddac2a3fc8590820c8651e10f0dac90281
Filesize: 33322.098 KB

Version history: (Expand)


CVS history: (Expand)


   2015-03-01 19:27:25 by Sevan Janiyan | Files touched by this commit (1)
Log message:
Account for the libraries installed on FreeBSD

Reviewed by wiz@
   2015-02-24 10:54:47 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update samba package to 3.6.25.

                   ==============================
                   Release Notes for Samba 3.6.25
                          February 23, 2015
                   ==============================

This is a security release in order to address CVE-2015-0240 (Unexpected
code execution in smbd).

o  CVE-2015-0240:
   All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an
   unexpected code execution vulnerability in the smbd file server
   daemon.

   A malicious client could send packets that may set up the stack in
   such a way that the freeing of memory in a subsequent anonymous
   netlogon packet could allow execution of arbitrary code. This code
   would execute with root privileges.

o  CVE-2014-0178:
   In preparing a response to an authenticated FSCTL_GET_SHADOW_COPY_DATA
   or FSCTL_SRV_ENUMERATE_SNAPSHOTS client request, affected versions of
   Samba do not initialize 8 bytes of the 16 byte SRV_SNAPSHOT_ARRAY
   response field. The uninitialized buffer is sent back to the client.

   A non-default VFS module providing the get_shadow_copy_data_fn() hook
   must be explicitly enabled for Samba to process the aforementioned
   client requests. Therefore, only configurations with "shadow_copy" or
   "shadow_copy2" specified for the "vfs objects" parameter \ 
are vulnerable.
   2015-02-02 11:42:18 by Jonathan Perkin | Files touched by this commit (2)
Log message:
SunOS inotify requires sys/filio.h for FIONREAD.
   2015-01-23 09:09:37 by OBATA Akio | Files touched by this commit (3)
Log message:
tell pidfile name
   2015-01-21 00:49:52 by Thomas Klausner | Files touched by this commit (1)
Log message:
Do not enable ads on Darwin-10+ by default.
Fixes PR 49590 by Youri Mouton.
   2014-07-21 08:46:27 by OBATA Akio | Files touched by this commit (1)
Log message:
Haiku also supports some vfs modules too.
from diger.
   2014-07-21 08:44:30 by OBATA Akio | Files touched by this commit (3)
Log message:
Move Darwin specific PLIST entries to PLIST.Darwin, same as SunOS, Linux.
   2014-06-24 16:06:30 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update samba to 3.6.24, security release.

                   ==============================
                   Release Notes for Samba 3.6.24
                           June 23, 2014
                   ==============================

This is a security release in order to address
CVE-2014-0244 (Denial of service - CPU loop) and
CVE-2014-3493 (Denial of service - Server crash/memory corruption).

o  CVE-2014-0244:
   All current released versions of Samba are vulnerable to a denial of
   service on the nmbd NetBIOS name services daemon. A malformed packet
   can cause the nmbd server to loop the CPU and prevent any further
   NetBIOS name service.

   This flaw is not exploitable beyond causing the code to loop expending
   CPU resources.

o  CVE-2014-3493:
   All current released versions of Samba are affected by a denial of service
   crash involving overwriting memory on an authenticated connection to the
   smbd file server.