- Fix 2 Security bugs

o CVS-2007-4572 Stack buffer overflow in nmbd's logon request processing. o CVE-2007-5398 Remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests. - Bump PORTREVISION Approved by: portmgr (erwin), maintainer Security: http://www.vuxml.org/freebsd/a63b15f9-97ff-11dc-9e48-0016179b2dd5.html
svn path=/head/; revision=202781
2025-01-02 06:03:50 +00:00 · 2007-11-21 13:01:17 +00:00 · 2007-11-21 13:01:17 +00:00 · 20417ce3a5 · 2021-03-31 03:12:20 +00:00
commit 20417ce3a5
parent 088cb609f7
2 changed files with 11 additions and 1 deletions
--- a/net/samba3/Makefile
+++ b/net/samba3/Makefile
@ -7,7 +7,7 @@

 PORTNAME=		samba
 PORTVERSION?=		3.0.26a
-PORTREVISION?=		1
+PORTREVISION=		2
 PORTEPOCH?=		1
 CATEGORIES?=		net
 MASTER_SITES=		${MASTER_SITE_SAMBA}
@ -44,6 +44,10 @@ SAMBA_LIB=		lib
 SAMBA_LIBDIR=		${PREFIX}/${SAMBA_LIB}
 SAMBA_MODULEDIR=	${SAMBA_LIBDIR}/samba

+PATCH_SITES=	http://us1.samba.org/samba/ftp/patches/security/	
+PATCHFILES=	samba-3.0.26a-CVE-2007-4572.patch samba-3.0.26a-CVE-2007-5398.patch
+PATCH_DIST_STRIP=	-p2
+
 CONFIGURE_TARGET=	--build="${MACHINE_ARCH}-portbld-freebsd${OSREL}"

 CONFIGURE_ARGS+=	--exec-prefix="${PREFIX}" \
--- a/net/samba3/distinfo
+++ b/net/samba3/distinfo
@ -1,3 +1,9 @@
 MD5 (samba-3.0.26a.tar.gz) = 16b47e6add332e5ac4523fc88c381d06
 SHA256 (samba-3.0.26a.tar.gz) = 41e11f69288b2291f12f8db093e2c55dc1360555d4542c83c0758c4c7a3d4d37
 SIZE (samba-3.0.26a.tar.gz) = 18180031
+MD5 (samba-3.0.26a-CVE-2007-4572.patch) = 545990971f3f3757ee0f175170b7bcb6
+SHA256 (samba-3.0.26a-CVE-2007-4572.patch) = d960cf7d26788e87983ee7acb8af8c45d22a034c028cce619582f6a115108491
+SIZE (samba-3.0.26a-CVE-2007-4572.patch) = 8203
+MD5 (samba-3.0.26a-CVE-2007-5398.patch) = 79934d4dcc779a467697e7cf86046631
+SHA256 (samba-3.0.26a-CVE-2007-5398.patch) = 37a0181aa647de7feb888d675ea726e135bbe53bc3099076eaf0682fc1b11b05
+SIZE (samba-3.0.26a-CVE-2007-5398.patch) = 1232