Navigation:
Browse pkgsrc
(this page)| 2013-07-15 04:02:29 by Ryo ONODERA | Files touched by this commit (177) |
Log message: * .include "../../devel/readline/buildlink3.mk" with USE_GNU_READLINE=yes are replaced with .include "../../devel/readline/buildlink3.mk", and USE_GNU_READLINE are removed, * .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE are replaced with .include "../../mk/readline.buildlink3.mk". |
| 2013-06-12 14:35:36 by Thomas Klausner | Files touched by this commit (9) |
Log message: Remove GNU_CONFIGURE_LIBDIR. Rationale: undocumented, easily replaced with "CONFIGURE_ARGS+=--libdir=" and only used by 10 packages. |
| 2013-05-31 14:42:58 by Thomas Klausner | Files touched by this commit (2880) |
Log message: Bump all packages for perl-5.18, that a) refer 'perl' in their Makefile, or b) have a directory name of p5-*, or c) have any dependency on any p5-* package Like last time, where this caused no complaints. |
2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) |  |
Log message: PKGREVISION bumps for the security/openssl 1.0.1d update. |
| 2013-01-30 12:41:44 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Update samba35 to 3.5.21.
==============================
Release Notes for Samba 3.5.21
January 30, 2013
==============================
This is a security release in order to address
CVE-2013-0213 (Clickjacking issue in SWAT) and
CVE-2013-0214 (Potential XSRF in SWAT).
o CVE-2013-0213:
All current released versions of Samba are vulnerable to clickjacking in the
Samba Web Administration Tool (SWAT). When the SWAT pages are integrated into
a malicious web page via a frame or iframe and then overlaid by other content,
an attacker could trick an administrator to potentially change Samba settings.
In order to be vulnerable, SWAT must have been installed and enabled
either as a standalone server launched from inetd or xinetd, or as a
CGI plugin to Apache. If SWAT has not been installed or enabled (which
is the default install state for Samba) this advisory can be ignored.
o CVE-2013-0214:
All current released versions of Samba are vulnerable to a cross-site
request forgery in the Samba Web Administration Tool (SWAT). By guessing a
user's password and then tricking a user who is authenticated with SWAT into
clicking a manipulated URL on a different web page, it is possible to manipulate
SWAT.
In order to be vulnerable, the attacker needs to know the victim's password.
Additionally SWAT must have been installed and enabled either as a standalone
server launched from inetd or xinetd, or as a CGI plugin to Apache. If SWAT has
not been installed or enabled (which is the default install state for Samba)
this advisory can be ignored.
Changes since 3.5.20:
---------------------
o Kai Blin <kai@samba.org>
* BUG 9576: CVE-2013-0213: Fix clickjacking issue in SWAT.
* BUG 9577: CVE-2013-0214: Fix potential XSRF in SWAT.
|
| 2012-12-17 13:01:35 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
Updaet samba35 to 3.5.20.
* 3.5.20
Changes since 3.5.19:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 7781: Samba transforms ShareName to lowercase (sharename) when
adding new share via MMC.
* BUG 9236: Apply ACL masks correctly when setting ACLs.
* BUG 9455: munmap called for an address location not mapped by Samba.
o Bj«Órn Baumbach <bb@sernet.de>
* BUG 9345: Fix usage of <smbconfoption> tag.
o Stefan Metzmacher <metze@samba.org>
* BUG 9390: Fix segfaults in log level = 10 on Solaris.
* BUG 9402: Fix dns updates against BIND9 (used in a Samba4 domain).
* 3.5.19
Changes since 3.5.18:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 9016: Connection to outbound trusted domain goes offline.
* BUG 9117: smbclient can't connect to a Windows 7 server using NTLMv2.
* BUG 9213: Bad ASN.1 NegTokenInit packet can cause invalid free.
* BUG 9236: ACL masks incorrectly applied when setting ACLs.
o Andrew Bartlett <abartlet@samba.org>
* BUG 8788: libsmb: Initialise ticket to ensure we do not free invalid
memory.
o Bj«Órn Jacke <bj@sernet.de>
* BUG 8344: autoconf: Fix --with(out)-sendfile-support option handling.
* BUG 8732: Fix compile of krb5 locator on Solaris.
* BUG 9172: Add quota support for gfs2.
o Matthieu Patou <mat@matws.net>
* BUG 9259: lib-addns: Ensure that allocated buffer are pre set to 0.
o Andreas Schneider <asn@samba.org>
* BUG 9218: Samba panics if a user specifies an invalid port number.
* 3.5.18
Changes since 3.5.17:
---------------------
o Michael Adam <obnox@samba.org>
* BUG 7788: Clarify the idmap_rid manpage.
o Jeremy Allison <jra@samba.org>
* BUG 9098: Winbind does not refresh Kerberos tickets.
* BUG 9147: Winbind can't fetch user or group info from AD via LDAP.
* BUG 9150: Valid open requests can cause smbd assert due to incorrect
oplock handling on delete requests.
o Neil R. Goldberg <ngoldber@mitre.org>
* BUG 9100: Winbind doesn't return "Domain Local" groups from \
own domain.
o Hargagan <shargagan@novell.com>
* BUG 9085: NMB registration for a duplicate workstation fails with
registration refuse.
o Bj«Órn Jacke <bj@sernet.de>
* BUG 7814: Fix build of sysquote_xfs.
* BUG 8402: Winbind log spammed with idmap messages.
o Volker Lendecke <vl@samba.org>
* BUG 9084: Fix a smbd crash in reply_lockingX_error.
o Herb Lewis <hlewis@panasas.com>
* BUG 9104: Fix Winbind crashes caused by mis-identified idle clients.
o Luca Lorenzetto <lorenzetto-luca@ubuntu-it.org>
* BUG 9013: Desktop Managers (xdm, gdm, lightdm...) crash with SIGSEGV in
_pam_winbind_change_pwd() when password is expiring.
* 3.5.17
Changes since 3.5.16:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 9034: Fix typo in set_re_uid() call when USE_SETRESUID selected in
configure.
o Bj«Órn Jacke <bj@sernet.de>
* BUG 8996: Fix build without ads support.
* BUG 9011: Second part of a fix for bug #9011 (Build on HP-UX broken).
o Stefan Metzmacher <metze@samba.org>
* BUG 9022: Make vfs_gpfs less verbose in get/set_xattr functions.
|
| 2012-10-23 19:19:22 by Aleksej Saushev | Files touched by this commit (671) |
Log message: Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. |
| 2012-10-03 23:59:10 by Thomas Klausner | Files touched by this commit (2798) |
Log message: Bump all packages that use perl, or depend on a p5-* package, or are called p5-*. I hope that's all of them. |
| 2012-09-11 09:50:51 by Steven Drake | Files touched by this commit (3) |
Log message:
Sync net/samba35 with the below changes as it uses net/samba/options.mk.
Bump PKGREVISION
---
Module Name: pkgsrc
Committed By: sbd
Date: Sun Aug 19 07:28:36 UTC 2012
Modified Files:
pkgsrc/net/samba: INSTALL.nss_winbind Makefile options.mk
Added Files:
pkgsrc/net/samba: DEINSTALL.nss_winbind
Log message:
NSS winbind option install script fixes:
1) Move the INSTALL_TEMPLATES line to the 'winbind' option section.
2) Enable the install script on all platforms.
3) Use the value of ${NSS_WINBIND} in the script as the name of the
library (should work on all platforms).
4) In the install script only create the symlink if ${NSS_WINBIND} doesn't
start with '@comment' (i.e. no nss winbind on this platform) and the
target file exists and the symlink _doesn't_ already exist.
5) Create a DEINSTALL_TEMPLATES to remove the nss winbind symlink if it
exists and point to the correct target.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 pkgsrc/net/samba/DEINSTALL.nss_winbind
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/samba/INSTALL.nss_winbind
cvs rdiff -u -r1.220 -r1.221 pkgsrc/net/samba/Makefile
cvs rdiff -u -r1.29 -r1.30 pkgsrc/net/samba/options.mk
|
| 2012-07-07 14:35:53 by Aleksej Saushev | Files touched by this commit (3) |
Log message:
Update to Samba 3.5.16
==============================
Release Notes for Samba 3.5.16
July 2, 2012
==============================
This is the latest stable release of Samba 3.5.
Major enhancements in Samba 3.5.16 include:
o Fix possible memory leaks in the Samba master process (bug #8970).
o Fix uninitialized memory read in talloc_free().
o Fix smbd crash with unknown user (bug #8314).
Changes since 3.5.15:
---------------------
o Jeremy Allison <jra@samba.org>
* BUG 8314: Fix smbd crash with unknown user.
* BUG 8831: Fix inconsistent (with manpage) command-line switch for \
"help"
in smbtree.
* BUG 8882: Fix processing of %U with vfs_full_audit when "force user"
is set.
* BUG 8897: winbind_krb5_locator only returns one IP address.
* BUG 8910: resolve_ads() code can return zero addresses and miss valid DC
IP addresses.
* BUG 8957: Fix typo in pam_winbindd code.
* BUG 8972: Directory group write permission bit is set if unix extensions
are enabled.
* BUG 8974: Kernel oplocks are broken when uid(file) != uid(process).
* BUG 8989: Send correct responses to NT Transact Secondary when no data and
no params.
* BUG 8994: Fix "winbind normalize names".
o Andrew Bartlett <abartlet@samba.org>
* BUG 8599: Only use SamLogonEx when we can get unencrypted session keys.
* BUG 8943: Slow but responsive DC can lock up winbindd for > 10 minutes
at a time.
o Björn Baumbach <bb@sernet.de>
* BUG 7564: Fix default name resolve order in the manpage.
o John Bradshaw <john@johnbradshaw.org>
* BUG 7938: Fix typo (overrided -> overridden) in Samba3-HOWTO.
o Olaf Flebbe <o.flebbe@science-computing.de>
* BUG 8552: Correct documentation of "case sensitive".
o Björn Jacke <bj@sernet.de>
* BUG 8869: Remove outdated netscape ds 5 schema file.
* BUG 9011: Fix build on HP-UX.
o Volker Lendecke <vl@samba.org>
* Fix uninitialized memory read in talloc_free().
* BUG 8338: OS/X can not deal with a 10-vwv read on normal files.
* BUG 8998: Notify code can miss a ChDir.
* BUG 9000: Fix a Winbind race leading to 100% CPU.
* BUG 9003: Fix posix acl on gpfs.
o Matthieu Patou <mat@matws.net>
* BUG 8975: Make sure that Winbind can coredump.
o Karolin Seeger <kseeger@samba.org>
* BUG 7930: Add hint that setting "profile acls = yes" on normal \
shares can
cause trouble.
o Richard Sharpe <realrichardsharpe@gmail.com>
* BUG 8822: Fix building out-of-tree vfs modules.
* BUG 8970: Fix possible memory leaks in the Samba master process.
o Simo Sorce <idra@samba.org>
* BUG 8915: Fix pam_winbind build against newer iniparser library.
|
New packages: