Security update of net/samba32 to the 3.2.13 version.
o CVE-2009-1886: In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server. o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". Security: CVE-2009-1886, CVE-2009-1888
parent
900b0cc5de
commit
955b273182
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=236633
@ -6,7 +6,7 @@
|
||||
#
|
||||
|
||||
PORTNAME= samba
|
||||
PORTVERSION?= 3.2.11
|
||||
PORTVERSION?= 3.2.13
|
||||
CATEGORIES?= net
|
||||
MASTER_SITES= ${MASTER_SITE_SAMBA}
|
||||
MASTER_SITE_SUBDIR= . old-versions rc pre
|
||||
@ -303,8 +303,7 @@ MAN8= eventlogadm.8 net.8 nmbd.8 pdbedit.8 smbd.8 smbpasswd.8 \
|
||||
|
||||
.if !defined(WITHOUT_WINBIND)
|
||||
MAN1+= wbinfo.1
|
||||
MAN7+= pam_winbind.7
|
||||
MAN8+= winbindd.8
|
||||
MAN8+= pam_winbind.8 winbindd.8
|
||||
.endif
|
||||
|
||||
.if !defined(WITHOUT_SWAT)
|
||||
|
@ -1,3 +1,3 @@
|
||||
MD5 (samba-3.2.11.tar.gz) = fc514bc92184b9b64544afa457e4d84e
|
||||
SHA256 (samba-3.2.11.tar.gz) = 5db81a9bd2842e7bf5f2fe8eeb0533eb59e6bb75a7d5f79f9e04c13baec32ef5
|
||||
SIZE (samba-3.2.11.tar.gz) = 24399021
|
||||
MD5 (samba-3.2.13.tar.gz) = aed1c2df274f504d4e7d4883da4581f6
|
||||
SHA256 (samba-3.2.13.tar.gz) = 91223a742183675cb3bb9ba1cc379948e8666e69735f348ea7d3794ce3bc778d
|
||||
SIZE (samba-3.2.13.tar.gz) = 24436090
|
||||
|
@ -1,6 +1,30 @@
|
||||
--- Makefile.in.orig 2008-12-15 08:11:28.000000000 +0000
|
||||
+++ Makefile.in 2009-01-26 01:58:03.000000000 +0000
|
||||
@@ -124,9 +124,8 @@
|
||||
--- ./Makefile.in.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./Makefile.in 2009-06-26 00:08:10.000000000 +0000
|
||||
@@ -45,7 +45,6 @@
|
||||
LDSHFLAGS=@LDSHFLAGS@ @RELRO_LDFLAGS@ @LDFLAGS@
|
||||
LDFLAGS=@PIE_LDFLAGS@ @RELRO_LDFLAGS@ @LDFLAGS@
|
||||
|
||||
-WINBIND_NSS_LDSHFLAGS=@WINBIND_NSS_LDSHFLAGS@ @LDFLAGS@
|
||||
AWK=@AWK@
|
||||
PICFLAG=@PICFLAG@
|
||||
DYNEXP=@DYNEXP@
|
||||
@@ -64,10 +63,14 @@
|
||||
LDAP_LIBS=@LDAP_LIBS@
|
||||
NSCD_LIBS=@NSCD_LIBS@
|
||||
UUID_LIBS=@UUID_LIBS@
|
||||
+
|
||||
WINBIND_LIBS=@WINBIND_LIBS@
|
||||
+WINBIND_NSS_LDSHFLAGS=@WINBIND_NSS_LDSHFLAGS@ @LDFLAGS@
|
||||
WINBIND_NSS_EXTRA_LIBS=@WINBIND_NSS_EXTRA_LIBS@
|
||||
-WINBIND_NSS_PTHREAD=@WINBIND_NSS_PTHREAD@
|
||||
PAM_WINBIND_EXTRA_LIBS=@PAM_WINBIND_EXTRA_LIBS@
|
||||
+WINBIND_WINS_NSS_EXTRA_LIBS=@WINBIND_WINS_NSS_EXTRA_LIBS@
|
||||
+WINBIND_NSS_PTHREAD=@WINBIND_NSS_PTHREAD@
|
||||
+
|
||||
DNSSD_LIBS=@DNSSD_LIBS@
|
||||
POPT_LIBS=@POPTLIBS@
|
||||
LIBTALLOC_LIBS=@LIBTALLOC_LIBS@
|
||||
@@ -122,9 +125,8 @@
|
||||
# These can be overridden by command line switches (see smbd(8))
|
||||
# or in smb.conf (see smb.conf(5))
|
||||
LOGFILEBASE = @logfilebase@
|
||||
@ -11,7 +35,7 @@
|
||||
|
||||
# This is where smbpasswd et al go
|
||||
PRIVATEDIR = @privatedir@
|
||||
@@ -153,10 +152,10 @@
|
||||
@@ -148,10 +150,10 @@
|
||||
# the directory where pid files go
|
||||
PIDDIR = @piddir@
|
||||
|
||||
@ -24,3 +48,17 @@
|
||||
FLAGS5 = $(FLAGS1) $(FLAGS2) $(FLAGS3) $(FLAGS4)
|
||||
FLAGS = $(ISA) $(FLAGS5) -I$(srcdir)/lib -D_SAMBA_BUILD_=3
|
||||
|
||||
@@ -962,9 +964,10 @@
|
||||
$(RPCCLIENT_NDR_OBJ) \
|
||||
$(PRIVILEGES_BASIC_OBJ)
|
||||
|
||||
-WINBIND_WINS_NSS_OBJ = nsswitch/wins.o $(PARAM_OBJ) \
|
||||
- $(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) $(NSSWINS_OBJ) $(KRBCLIENT_OBJ) \
|
||||
- $(LIBNDR_GEN_OBJ0)
|
||||
+WINBIND_WINS_NSS_OBJ = nsswitch/wins.o @WINBIND_WINS_NSS_EXTRA_OBJS@ \
|
||||
+ $(PARAM_OBJ) $(LIBSMB_OBJ) $(LDB_OBJ) $(KRBCLIENT_OBJ) \
|
||||
+ $(LIB_NONSMBD_OBJ) \
|
||||
+ $(LIBNDR_GEN_OBJ0)
|
||||
|
||||
PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \
|
||||
pam_smbpass/pam_smb_acct.o pam_smbpass/support.o
|
||||
|
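Review bot: The inner hunk `@@ -962,9 +964,10 @@` of this local Makefile.in patch rewrites `WINBIND_WINS_NSS_OBJ` (dropping `$(NSSWINS_OBJ)`, adding `$(LDB_OBJ)` and `@WINBIND_WINS_NSS_EXTRA_OBJS@`), but the commit message describes only the 3.2.13 update for CVE-2009-1886 and CVE-2009-1888. Judging by the outer header `@ -24,3 +48,17 @@`, that hunk is new in this commit. Folding a link-line change for the WINS NSS module into a security update makes the fix harder to audit, merge or back out on its own, so it would be better as a separate commit or at least named in the log, for example `Also rework the nss_wins object list in the Makefile.in patch.` The `@WINBIND_WINS_NSS_EXTRA_OBJS@` and `@WINBIND_WINS_NSS_EXTRA_LIBS@` placeholders need matching `AC_SUBST` calls in the configure.in patch, whose body is not shown in this view, so that pairing should be confirmed.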
@ -1,5 +1,5 @@
|
||||
--- configure.in.orig 2009-02-03 16:10:07.000000000 +0000
|
||||
+++ configure.in 2009-02-08 16:14:09.000000000 +0000
|
||||
--- ./configure.in.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./configure.in 2009-06-25 23:59:12.000000000 +0000
|
||||
@@ -184,16 +184,6 @@
|
||||
fi
|
||||
fi
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- ./lib/iconv.c.orig 2008-12-19 13:57:33.000000000 +0000
|
||||
+++ ./lib/iconv.c 2009-01-06 17:10:53.000000000 +0000
|
||||
--- ./lib/iconv.c.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./lib/iconv.c 2009-06-25 20:49:35.000000000 +0000
|
||||
@@ -136,7 +136,7 @@
|
||||
char **outbuf, size_t *outbytesleft)
|
||||
{
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- ./lib/replace/libreplace_cc.m4.orig 2008-12-19 13:57:33.000000000 +0000
|
||||
+++ ./lib/replace/libreplace_cc.m4 2009-01-06 17:10:53.000000000 +0000
|
||||
--- ./lib/replace/libreplace_cc.m4.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./lib/replace/libreplace_cc.m4 2009-06-25 20:49:35.000000000 +0000
|
||||
@@ -145,6 +145,10 @@
|
||||
AC_CHECK_TYPE(uintptr_t, unsigned long long)
|
||||
AC_CHECK_TYPE(ptrdiff_t, unsigned long long)
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- ./m4/aclocal.m4.orig 2008-12-19 13:57:33.000000000 +0000
|
||||
+++ ./m4/aclocal.m4 2009-01-06 17:10:53.000000000 +0000
|
||||
--- ./m4/aclocal.m4.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./m4/aclocal.m4 2009-06-25 20:49:35.000000000 +0000
|
||||
@@ -416,101 +416,79 @@
|
||||
dnl those with the standalone portable libiconv installed).
|
||||
AC_MSG_CHECKING(for iconv in $1)
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- ./nsswitch/pam_winbind.c.orig 2008-12-19 13:57:33.000000000 +0000
|
||||
+++ ./nsswitch/pam_winbind.c 2009-01-06 17:10:53.000000000 +0000
|
||||
--- ./nsswitch/pam_winbind.c.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./nsswitch/pam_winbind.c 2009-06-25 20:49:35.000000000 +0000
|
||||
@@ -39,14 +39,14 @@
|
||||
const void *_item)
|
||||
{
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- ./nsswitch/wins_freebsd.c.orig 2009-01-06 17:10:53.000000000 +0000
|
||||
+++ ./nsswitch/wins_freebsd.c 2009-01-06 17:10:53.000000000 +0000
|
||||
--- ./nsswitch/wins_freebsd.c.orig 2009-06-25 20:49:35.000000000 +0000
|
||||
+++ ./nsswitch/wins_freebsd.c 2009-06-25 20:49:35.000000000 +0000
|
||||
@@ -0,0 +1,112 @@
|
||||
+/*
|
||||
+ Unix SMB/CIFS implementation.
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- ./smbd/quotas.c.orig 2008-12-19 13:57:33.000000000 +0000
|
||||
+++ ./smbd/quotas.c 2009-01-06 17:10:53.000000000 +0000
|
||||
--- ./smbd/quotas.c.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./smbd/quotas.c 2009-06-25 20:49:35.000000000 +0000
|
||||
@@ -1023,6 +1023,8 @@
|
||||
enum clnt_stat clnt_stat;
|
||||
bool ret = True;
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- ./smbd/statvfs.c.orig 2008-12-19 13:57:33.000000000 +0000
|
||||
+++ ./smbd/statvfs.c 2009-01-06 17:10:53.000000000 +0000
|
||||
--- ./smbd/statvfs.c.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./smbd/statvfs.c 2009-06-25 20:49:35.000000000 +0000
|
||||
@@ -3,6 +3,7 @@
|
||||
VFS API's statvfs abstraction
|
||||
Copyright (C) Alexander Bokovoy 2005
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- ./utils/net_time.c.orig 2008-12-19 13:57:33.000000000 +0000
|
||||
+++ ./utils/net_time.c 2009-01-06 17:10:53.000000000 +0000
|
||||
--- ./utils/net_time.c.orig 2009-06-22 21:05:38.000000000 +0000
|
||||
+++ ./utils/net_time.c 2009-06-25 20:49:35.000000000 +0000
|
||||
@@ -84,9 +84,15 @@
|
||||
return "unknown";
|
||||
}
|
||||
|
@ -226,7 +226,7 @@ share/swat/help/manpages/net.8.html
|
||||
share/swat/help/manpages/nmbd.8.html
|
||||
share/swat/help/manpages/nmblookup.1.html
|
||||
share/swat/help/manpages/ntlm_auth.1.html
|
||||
share/swat/help/manpages/pam_winbind.7.html
|
||||
share/swat/help/manpages/pam_winbind.8.html
|
||||
share/swat/help/manpages/pdbedit.8.html
|
||||
share/swat/help/manpages/profiles.1.html
|
||||
share/swat/help/manpages/rpcclient.1.html
|
||||
|