pkgsrc.se | The NetBSD package collection

./net/samba, SMB/CIFS protocol server suite

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.6.15nb1, Package name: samba-3.6.15nb1, Maintainer: pkgsrc-users

Samba provides file and print services for Microsoft Windows clients.
These services may be hosted off any TCP/IP-enabled platform. The
Samba project includes not only an impressive feature set in file and
print serving capabilities, but has been extended to include client
functionality, utilities to ease migration to Samba, tools to aid
interoperability with Microsoft Windows, and administration tools.

DEINSTALL.nss_winbind [+/-]

Required to run:
[databases/tdb] [lang/perl5] [devel/popt] [devel/readline]

Package options: ads, ldap, pam, winbind

Master sites: (Expand)

SHA1: 59d528427eaf401cf387205f1fb9806dae282e55
RMD160: aa8235076d5ed1142847f464c8f5cfcd5cf94d7e
Filesize: 33311.729 KB

Version history: (Expand)

(2013-06-01) Updated to version: samba-3.6.15nb1
(2013-05-09) Updated to version: samba-3.6.15
(2013-05-01) Updated to version: samba-3.6.14
(2013-02-16) Updated to version: samba-3.6.12nb2
(2013-02-12) Updated to version: samba-3.6.12nb1
(2013-01-30) Updated to version: samba-3.6.12

CVS history: (Expand)

2013-06-12 14:35:36 by Thomas Klausner | Files touched by this commit (9)

Log message:
Remove GNU_CONFIGURE_LIBDIR.

Rationale: undocumented, easily replaced with "CONFIGURE_ARGS+=--libdir="
and only used by 10 packages.

2013-05-31 14:42:58 by Thomas Klausner | Files touched by this commit (2880)

Log message:
Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.

2013-05-09 09:36:15 by Adam Ciarcinski | Files touched by this commit (2)

Log message:
Changes 3.6.15:
* BUG 9746: Fix "guest ok", "force user" and "force \ 
group" for guest users.
* BUG 9830: Fix panic in nt_printer_publish_ads.
* BUG 9854: Fix crash bug in Winbind.
* BUG 9817: Fix 'map untrusted to domain' with NTLMv2.

2013-04-30 22:08:10 by Adam Ciarcinski | Files touched by this commit (3)

Log message:
Changes 3.6.14:
* BUG 9130: Certain xattrs cause Windows error 0x800700FF.
* BUG 9724: Use is_encrypted_packet() function correctly inside server.
* BUG 9733: Fix 'smbcontrol close-share' is not working.
* BUG 9747: Make sure that we only propogate the INHERITED flag when we are
  allowed to.
* BUG 9748: Remove unneeded fstat system call from hot read path.
* BUG 9811: Fix bug in old create temp SMB request. Only use VFS functions.
* BUG 9650: New or deleted CUPS printerqueues are not recognized by Samba.
* BUG 9807: wbinfo: Fix segfault in wbinfo_pam_logon.
* BUG 9727: wkssvc: Fix NULL pointer dereference.
* BUG 9736: smbd: Tune "dir" a bit.
* BUG 9775: Fix segfault for "artificial" conn_structs.
* BUG 9809: RHEL SPEC: Package dbwrap_tool man page.
* BUG 9139: Fix the username map optimization.
* BUG 9699: Fix adding case sensitive spn.
* BUG 9723: Add a tool to migrate latin1 printing tdbs to registry.
* BUG 9735: Fix Winbind separator in upn to username conversion.
* BUG 9766: Cache name_to_sid/sid_to_name correctly.

2013-04-19 09:17:47 by Stephen Borrill | Files touched by this commit (1)

Log message:
Removeing -> Removing

2013-02-16 12:25:34 by Thomas Klausner | Files touched by this commit (1885)

Log message:
Recursive bump for png-1.6.

2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) | Package updated

Log message:
PKGREVISION bumps for the security/openssl 1.0.1d update.

2013-01-30 12:42:55 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
Update samba to 3.6.12.

                   ==============================
                   Release Notes for Samba 3.6.12
                          January 30, 2013
                   ==============================

This is a security release in order to address
CVE-2013-0213 (Clickjacking issue in SWAT) and
CVE-2013-0214 (Potential XSRF in SWAT).

o  CVE-2013-0213:
   All current released versions of Samba are vulnerable to clickjacking in the
   Samba Web Administration Tool (SWAT). When the SWAT pages are integrated into
   a malicious web page via a frame or iframe and then overlaid by other content,
   an attacker could trick an administrator to potentially change Samba settings.

   In order to be vulnerable, SWAT must have been installed and enabled
   either as a standalone server launched from inetd or xinetd, or as a
   CGI plugin to Apache. If SWAT has not been installed or enabled (which
   is the default install state for Samba) this advisory can be ignored.

o  CVE-2013-0214:
   All current released versions of Samba are vulnerable to a cross-site
   request forgery in the Samba Web Administration Tool (SWAT). By guessing a
   user's password and then tricking a user who is authenticated with SWAT into
   clicking a manipulated URL on a different web page, it is possible to manipulate
   SWAT.

   In order to be vulnerable, the attacker needs to know the victim's password.
   Additionally SWAT must have been installed and enabled either as a standalone
   server launched from inetd or xinetd, or as a CGI plugin to Apache. If SWAT has
   not been installed or enabled (which is the default install state for Samba)
   this advisory can be ignored.

Changes since 3.6.11:
--------------------

o   Kai Blin <kai@samba.org>
    * BUG 9576: CVE-2013-0213: Fix clickjacking issue in SWAT.
    * BUG 9577: CVE-2013-0214: Fix potential XSRF in SWAT.