Navigation:
Browse pkgsrc
(this page)| 2015-03-01 19:27:25 by Sevan Janiyan | Files touched by this commit (1) |
Log message: Account for the libraries installed on FreeBSD Reviewed by wiz@ |
| 2015-02-24 10:54:47 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Update samba package to 3.6.25.
==============================
Release Notes for Samba 3.6.25
February 23, 2015
==============================
This is a security release in order to address CVE-2015-0240 (Unexpected
code execution in smbd).
o CVE-2015-0240:
All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an
unexpected code execution vulnerability in the smbd file server
daemon.
A malicious client could send packets that may set up the stack in
such a way that the freeing of memory in a subsequent anonymous
netlogon packet could allow execution of arbitrary code. This code
would execute with root privileges.
o CVE-2014-0178:
In preparing a response to an authenticated FSCTL_GET_SHADOW_COPY_DATA
or FSCTL_SRV_ENUMERATE_SNAPSHOTS client request, affected versions of
Samba do not initialize 8 bytes of the 16 byte SRV_SNAPSHOT_ARRAY
response field. The uninitialized buffer is sent back to the client.
A non-default VFS module providing the get_shadow_copy_data_fn() hook
must be explicitly enabled for Samba to process the aforementioned
client requests. Therefore, only configurations with "shadow_copy" or
"shadow_copy2" specified for the "vfs objects" parameter \
are vulnerable.
|
| 2015-02-02 11:42:18 by Jonathan Perkin | Files touched by this commit (2) |
Log message: SunOS inotify requires sys/filio.h for FIONREAD. |
| 2015-01-23 09:09:37 by OBATA Akio | Files touched by this commit (3) |
Log message: tell pidfile name |
| 2015-01-21 00:49:52 by Thomas Klausner | Files touched by this commit (1) |
Log message: Do not enable ads on Darwin-10+ by default. Fixes PR 49590 by Youri Mouton. |
| 2014-07-21 08:46:27 by OBATA Akio | Files touched by this commit (1) |
Log message: Haiku also supports some vfs modules too. from diger. |
| 2014-07-21 08:44:30 by OBATA Akio | Files touched by this commit (3) |
Log message: Move Darwin specific PLIST entries to PLIST.Darwin, same as SunOS, Linux. |
| 2014-06-24 16:06:30 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Update samba to 3.6.24, security release.
==============================
Release Notes for Samba 3.6.24
June 23, 2014
==============================
This is a security release in order to address
CVE-2014-0244 (Denial of service - CPU loop) and
CVE-2014-3493 (Denial of service - Server crash/memory corruption).
o CVE-2014-0244:
All current released versions of Samba are vulnerable to a denial of
service on the nmbd NetBIOS name services daemon. A malformed packet
can cause the nmbd server to loop the CPU and prevent any further
NetBIOS name service.
This flaw is not exploitable beyond causing the code to loop expending
CPU resources.
o CVE-2014-3493:
All current released versions of Samba are affected by a denial of service
crash involving overwriting memory on an authenticated connection to the
smbd file server.
|
| 2014-06-18 11:28:18 by Thomas Klausner | Files touched by this commit (40) |
Log message: Bump PKGREVISION for cups -> cups15 change. |
| 2014-06-18 11:26:12 by Thomas Klausner | Files touched by this commit (46) |
Log message: Switch all cups packages to use cups15. |
New packages: