ports/81350: japanese/samba update for seurity fix
NAKAJI Hiroyuki
nakaji at jp.freebsd.org
Sun May 22 01:10:02 UTC 2005
>Number: 81350
>Category: ports
>Synopsis: japanese/samba update for seurity fix
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Sun May 22 01:10:01 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: NAKAJI Hiroyuki
>Release: FreeBSD 5.4-STABLE i386
>Organization:
>Environment:
System: FreeBSD ra333.heimat.gr.jp 5.4-STABLE FreeBSD 5.4-STABLE #16: Wed May 18 14:45:15 JST 2005 root at ra333.heimat.gr.jp:/usr/obj/usr/src/sys/RA333 i386
>Description:
As you know, ja-samba-2.2.11j1.0 has security problem
described in
http://www.FreeBSD.org/ports/portaudit/3b3676be-52e1-11d9-a9e7-0001020eed82.html
It is still beta but the fixed version of samba-2.2.12-ja-1.0beta1
was released fro Samba Users Group Japan
(http://www.samba.gr.jp/). This beta fixes the integer overflow
vulnerability (CAN-2004-1154).
Security Officer, this PR is related to vid
3b3676be-52e1-11d9-a9e7-0001020eed82.
>How-To-Repeat:
>Fix:
Apply following patch and remove 'scripts' directory.
diff -urN -x CVS /usr/ports/japanese/samba/Makefile ./Makefile
--- /usr/ports/japanese/samba/Makefile Sun Feb 20 16:17:12 2005
+++ ./Makefile Sun May 22 09:35:10 2005
@@ -14,7 +14,7 @@
ftp://SunSITE.tus.ac.jp/pub/archives/packages/samba/samba-jp/%SUBDIR%/ \
ftp://ftp.plathome.co.jp/pub/samba/samba-jp/%SUBDIR%/ \
ftp://ftp2.samba.gr.jp/pub/samba-jp/%SUBDIR%/
-MASTER_SITE_SUBDIR= ${PORTNAME}-${SAMBA_VERSION}-ja
+MASTER_SITE_SUBDIR= ${PORTNAME}-${SAMBA_VERSION}-ja/beta
DISTNAME= ${PORTNAME}-${SAMBA_VERSION}-ja-${SAMBA_JA_VERSION}
MAINTAINER= nakaji at jp.FreeBSD.org
@@ -22,8 +22,8 @@
CONFLICTS= samba-2.2.* samba-3.0.* sharity-light-1.*
-SAMBA_VERSION= 2.2.11
-SAMBA_JA_VERSION= 1.0
+SAMBA_VERSION= 2.2.12
+SAMBA_JA_VERSION= 1.0beta1
USE_BZIP2= yes
GNU_CONFIGURE= yes
diff -urN -x CVS /usr/ports/japanese/samba/distinfo ./distinfo
--- /usr/ports/japanese/samba/distinfo Sun Feb 20 16:17:12 2005
+++ ./distinfo Sun May 22 09:35:10 2005
@@ -1,2 +1,2 @@
-MD5 (samba-2.2.11-ja-1.0.tar.bz2) = f418c850a54572f7d4cd77fa4ef876c6
-SIZE (samba-2.2.11-ja-1.0.tar.bz2) = 7473344
+MD5 (samba-2.2.12-ja-1.0beta1.tar.bz2) = 9a7343c7f828b60f3a8f381019d19af1
+SIZE (samba-2.2.12-ja-1.0beta1.tar.bz2) = 7466052
diff -urN -x CVS /usr/ports/japanese/samba/scripts/configure.samba ./scripts/configure.samba
--- /usr/ports/japanese/samba/scripts/configure.samba Wed Sep 24 23:56:46 2003
+++ ./scripts/configure.samba Thu Jan 1 09:00:00 1970
@@ -1,101 +0,0 @@
-#!/bin/sh
-
-if [ -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc ]; then
- exit
-fi
-
-tempfile=`/usr/bin/mktemp -t checklist`
-
-if [ "${BATCH}" ]; then
- if [ "${SAMBA_OPTIONS}" ]; then
- set ${SAMBA_OPTIONS}
- fi
-else
- /usr/bin/dialog --title "configuration options" --clear \
- --checklist "\n\
-Please select desired options:" -1 -1 12 \
-syslog "With syslog support" OFF \
-ssl "With ssl support" OFF \
-ldap "With LDAP2 support" OFF \
-cups "With CUPS" OFF \
-acl "With ACL support" OFF \
-utmp "With UTMP support" OFF \
-msdfs "With MSDFS support" OFF \
-quota "With Quota support" OFF \
-recycle "With Recycle Bin" OFF \
-audit "With Audit" OFF \
-winbind "With Winbind" OFF \
-wbauth "With Winbind Auth Challenge" OFF \
-smbsh "With Smbsh and smbwrapper" OFF \
-2> $tempfile
-
- retval=$?
-
- if [ -s $tempfile ]; then
- set `cat $tempfile`
- fi
- rm -f $tempfile
-
- case $retval in
- 0) if [ -z "$*" ]; then
- echo "Nothing selected"
- fi
- ;;
- 1) echo "Cancel pressed."
- exit 1
- ;;
- esac
-fi
-
-${MKDIR} ${WRKDIRPREFIX}${REALCURDIR}
-echo "SCRIPT_RUN=yes" >${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
-
-while [ "$1" ]; do
- case $1 in
- \"syslog\")
- echo "WITH_SYSLOG=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"ssl\")
- echo "WITH_SSL=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"ldap\")
- echo "WITH_LDAP=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"cups\")
- echo "WITH_CUPS=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"acl\")
- echo "WITH_ACL_SUPPORT=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"utmp\")
- echo "WITH_UTMP=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"msdfs\")
- echo "WITH_MSDFS=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"quota\")
- echo "WITH_QUOTAS=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"recycle\")
- echo "WITH_RECYCLE=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"audit\")
- echo "WITH_AUDIT=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"winbind\")
- echo "WITH_WINBIND=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"wbauth\")
- echo "WITH_WINBIND_AUTH_CHALLENGE=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- \"smbsh\")
- echo "WITH_SMBSH=YES" >>${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- ;;
- *)
- echo "Invalid option: $1"
- rm -f ${WRKDIRPREFIX}${REALCURDIR}/Makefile.inc
- exit 1
- ;;
- esac
- shift
-done
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list