ports/69131: Security update for net/samba3
Timur I. Bakeyev
timur at gnu.org
Thu Jul 15 21:50:15 UTC 2004
>Number: 69131
>Category: ports
>Synopsis: Security update for net/samba3
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu Jul 15 21:50:14 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Timur I. Bakeyev
>Release: FreeBSD 5.2-CURRENT i386
>Organization:
>Environment:
System: FreeBSD timur.home.bat.ru 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Tue Apr 6 20:29:11 CEST 2004 root at timur.home.bat.ru:/usr/src/sys/i386/compile/COMMON i386
>Description:
This patch effectivelly updates net/samba3 to 3.0.5 version, which
is a security fix for the 3.0.4.
>How-To-Repeat:
>Fix:
Attached file contains the patch against the current port.
From: "Timur I. Bakeyev" <timur at com.bat.ru>
To: freebsd
Cc:
Bcc:
Subject: t
Reply-To:
X-Organization: RIPE Network Coordination Centre
X-Phone: +31 20 535 4444
X-Fax: +31 20 535 4445
X-WWW: http://www.ripe.net
--WIyZ46R2i8wDzkSu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="samba.diff"
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/net/samba3/Makefile,v
retrieving revision 1.124
diff -u -u -r1.124 Makefile
--- Makefile 3 Jul 2004 12:46:41 -0000 1.124
+++ Makefile 15 Jul 2004 21:08:20 -0000
@@ -7,7 +7,7 @@
PORTNAME= samba
PORTVERSION= 3.0.4
-PORTREVISION?= 3
+PORTREVISION?= 4
PORTEPOCH?= 1
CATEGORIES?= net
MASTER_SITES= ${MASTER_SITE_SAMBA}
Index: files/patch-lib_util_str.c
===================================================================
RCS file: /home/ncvs/ports/net/samba3/files/patch-lib_util_str.c,v
retrieving revision 1.1
diff -u -u -r1.1 patch-lib_util_str.c
--- files/patch-lib_util_str.c 18 May 2004 14:52:47 -0000 1.1
+++ files/patch-lib_util_str.c 15 Jul 2004 21:05:01 -0000
@@ -1,6 +1,36 @@
---- lib/util_str.c.orig Tue Apr 20 22:42:55 2004
-+++ lib/util_str.c Fri May 14 02:02:30 2004
-@@ -1980,10 +1980,16 @@
+--- lib/util_str.c.orig Thu Jul 15 22:49:39 2004
++++ lib/util_str.c Thu Jul 15 23:03:08 2004
+@@ -1980,7 +1980,9 @@
+ s++; i++;
+ }
+
+- if (*s == '=') n -= 1;
++ if ((n > 0) && (*s == '=')) {
++ n -= 1;
++ }
+
+ /* fix up length */
+ decoded.length = n;
+@@ -1993,9 +1995,15 @@
+ void base64_decode_inplace(char *s)
+ {
+ DATA_BLOB decoded = base64_decode_data_blob(s);
+- memcpy(s, decoded.data, decoded.length);
+- /* null terminate */
+- s[decoded.length] = '\0';
++
++ if ( decoded.length != 0 ) {
++ memcpy(s, decoded.data, decoded.length);
++
++ /* null terminate */
++ s[decoded.length] = '\0';
++ } else {
++ *s = '\0';
++ }
+
+ data_blob_free(&decoded);
+ }
+@@ -2009,10 +2017,16 @@
{
int bits = 0;
int char_count = 0;
--WIyZ46R2i8wDzkSu--
>Release-Note:
>Audit-Trail:
>Unformatted:
--WIyZ46R2i8wDzkSu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
More information about the freebsd-ports-bugs
mailing list