Navigation:
Browse pkgsrc
(this page) 2010-09-15 09:53:49 by Matthias Scheler | Files touched by this commit (2) |  |
Log message:
Pullup ticket #3223 - requested by taca
net/samba33: security update
Revisions pulled up:
- net/samba33/Makefile 1.11
- net/samba33/distinfo 1.5
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Sep 14 13:08:23 UTC 2010
Modified Files:
pkgsrc/net/samba33: Makefile distinfo
Log message:
Update samba33 package to 3.3.14.
==============================
Release Notes for Samba 3.3.14
September 14, 2010
==============================
This is a security release in order to address CVE-2010-3069.
o CVE-2010-3069:
All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.
|
New packages: