SAMBA 3.0.28a and CVE-2008-1105

O. Hartmann ohartman at zedat.fu-berlin.de
Fri Jun 20 11:21:49 UTC 2008


Johan Hendriks wrote:
> 
>>> Konrad Heuer wrote:
>>>
>>> On Thu, 19 Jun 2008, O. Hartmann wrote:
>>>
>>>> We still have Samba R3.0.28a in the ports but regarding to 
>>>> CVE-2008-1105 shouldn't it be R3.0.30?
>>> As far as I know the mentioned security patch gets applied when
> building 
>>> Samba from ports.
>>>
>>> Best regards
>>>
>>> Konrad Heuer
>>> GWDG, Am Fassberg, 37077 Goettingen, Germany, kheuer2 at gwdg.de
>>>
> 
>> Oh, is that so ... then why isn't the version number bumped up?
> Slightly 
>> confusing, but if the patch has been incorporated it makes me feel
> better.
> 
>> Kindly regards,
>> Oliver
> 
> Reding this on freshports makes me think it is bumped!
> 
> 29 May 2008 11:47:46
> 3.0.28a_1,1
> 	
> This is a security update of Samba 3.0.28a, that address CVE-2008-1105.
> 
> Approved by:    shaun (mentor, implicit)
> Security:       CVE-2008-1105
> 
> Regards,
> Johan Hendriks
> Double L Automatisering
> 
> 

Well, sorry making this noise, I looked at www.samba.org and saw version 
3.0.30 out there and checked against the port and that what smbstatus 
reveals and tried to figure out ...

Somehow it would be much easier and for the 'stupid' among us (like me) 
to bump also version number - if that would be possible and without 
implications ino too much work ...

Regards,
Oliver


More information about the freebsd-questions mailing list