ports/73701: Security update for net/samba3
Timur Bakeyev
timur at gnu.org
Tue Nov 9 03:10:29 UTC 2004
>Number: 73701
>Category: ports
>Synopsis: Security update for net/samba3
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Tue Nov 09 03:10:28 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Timur Bakeyev
>Release: 5.3-BETA6
>Organization:
>Environment:
FreeBSD timur.home.bat.ru 5.3-BETA6 FreeBSD 5.3-BETA6 #1: Sat Oct 2 03:50:01 CEST 2004 root at timur.home.bat.ru:/usr/src/sys/i386/compile/COMMON i386
>Description:
This is security and general update of Samba3 package
Critical:
o Fix for CAN-2004-0930 -- smbd remote DoS vulnerability.
Other:
o Compile fixes for HP-UX
o Fixes for the printer publishing code used when joined to
an AD domain.
o Incompatibilities with file system quotas.
o Several bugs in the spoolss printing code and print system
backends.
o Inconsistencies in the username map functionality when
configured on domain member servers.
o Various compile warnings and errors on various platforms.
o Fixes for kerberos interoperability with Windows 200x
domains when using DES keys.
As a side effect Multibyte support is dropped again...
>How-To-Repeat:
--
>Fix:
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/net/samba3/Makefile,v
retrieving revision 1.129
diff -u -r1.129 Makefile
--- Makefile 12 Oct 2004 22:47:42 -0000 1.129
+++ Makefile 9 Nov 2004 01:35:39 -0000
@@ -6,7 +6,7 @@
#
PORTNAME= samba
-PORTVERSION= 3.0.7
+PORTVERSION= 3.0.8
PORTREVISION?= 0
PORTEPOCH?= 1
CATEGORIES?= net
@@ -14,12 +14,6 @@
MASTER_SITE_SUBDIR= . old-versions rc pre
DISTNAME= ${PORTNAME}-${PORTVERSION:S/.p/pre/:S/.r/rc/}
-.if defined(WITH_MULTIBYTE)
-PATCH_SITES= http://dist.bsdlab.org/
-PATCHFILES= samba-3.0.7-i18n-20040915.bz2
-PATCH_DIST_STRIP= -p0
-.endif
-
MAINTAINER?= timur at gnu.org
COMMENT?= A free SMB and CIFS client and server for UNIX
@@ -48,6 +42,8 @@
CONFIGURE_ENV+= CPPFLAGS=-I${LOCALBASE}/include \
LDFLAGS=-L${LOCALBASE}/lib
+CONFIGURE_TARGET= --build=${ARCH}-portbld-freebsd${OSREL}
+
CONFIGURE_ARGS+= --exec-prefix=${PREFIX} \
--localstatedir=${VARDIR} \
--with-configdir=${SAMBA_CONFDIR} \
@@ -76,8 +72,7 @@
SAM_PGSQL "With PostgreSQL smbpasswd backend" off \
SAM_OLD_LDAP "With Samba2.x LDAP smbpasswd backend" off \
PAM_SMBPASS "With SMB PAM module" off \
- POPT "With installed POPT library" on \
- MULTIBYTE "With multibyte encoding patch" off
+ POPT "With installed POPT library" on
.endif
.include <bsd.port.pre.mk>
@@ -254,14 +249,6 @@
WINBIND_FILTER= ${GREP} -v '^%%WINBIND%%'
.endif
-.if defined(WITH_MULTIBYTE)
-# Based on patch from miraclelinux.com.
-# http://www.miraclelinux.com/english/technet/samba30/index.html
-PLIST_SUB+= MULTIBYTE=""
-.else
-PLIST_SUB+= MULTIBYTE="@comment "
-.endif
-
PLIST_SUB+= RC_DIR=${RC_DIR} \
SAMBA_LOGDIR=${SAMBA_LOGDIR} \
SAMBA_LOCKDIR=${SAMBA_LOCKDIR}
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/net/samba3/distinfo,v
retrieving revision 1.58
diff -u -r1.58 distinfo
--- distinfo 12 Oct 2004 22:47:42 -0000 1.58
+++ distinfo 9 Nov 2004 02:56:20 -0000
@@ -1,4 +1,2 @@
-MD5 (samba-3.0.7.tar.gz) = 5906341429e64214909865a4be92e4ab
-SIZE (samba-3.0.7.tar.gz) = 15012667
-MD5 (samba-3.0.7-i18n-20040915.bz2) = f19a3cb34179632563c51c6cf54d3d3d
-SIZE (samba-3.0.7-i18n-20040915.bz2) = 17160
+MD5 (samba-3.0.8.tar.gz) = 7088483c858ac362d302acc0c2a1d431
+SIZE (samba-3.0.8.tar.gz) = 15101353
Index: pkg-plist
===================================================================
RCS file: /home/ncvs/ports/net/samba3/pkg-plist,v
retrieving revision 1.55
diff -u -r1.55 pkg-plist
--- pkg-plist 12 Oct 2004 22:47:42 -0000 1.55
+++ pkg-plist 9 Nov 2004 01:35:52 -0000
@@ -17,6 +17,7 @@
bin/smbtree
bin/tdbbackup
bin/tdbdump
+bin/tdbtool
bin/testparm
bin/testprns
%%WINBIND%%bin/wbinfo
@@ -44,7 +45,6 @@
lib/samba/vfs/default_quota.so
lib/samba/vfs/expand_msdfs.so
lib/samba/vfs/extd_audit.so
-%%MULTIBYTE%%lib/samba/vfs/hex.so
lib/samba/vfs/fake_perms.so
lib/samba/vfs/full_audit.so
lib/samba/vfs/netatalk.so
@@ -127,6 +127,8 @@
%%EXAMPLESDIR%%/VFS/skel_transparent.c
%%EXAMPLESDIR%%/auth/Makefile
%%EXAMPLESDIR%%/auth/auth_skel.c
+%%EXAMPLESDIR%%/auth/crackcheck/Makefile
+%%EXAMPLESDIR%%/auth/crackcheck/crackcheck.c
%%EXAMPLESDIR%%/autofs/auto.smb
%%EXAMPLESDIR%%/dce-dfs/README
%%EXAMPLESDIR%%/dce-dfs/smb.conf
@@ -191,6 +193,7 @@
@dirrm %%EXAMPLESDIR%%/genlogon
@dirrm %%EXAMPLESDIR%%/dce-dfs
@dirrm %%EXAMPLESDIR%%/autofs
+ at dirrm %%EXAMPLESDIR%%/auth/crackcheck
@dirrm %%EXAMPLESDIR%%/auth
@dirrm %%EXAMPLESDIR%%/VFS
@dirrm %%EXAMPLESDIR%%/LDAP/smbldap-tools/mkntpwd
@@ -472,10 +475,6 @@
share/swat/include/footer.html
share/swat/include/header.html
share/swat/lang/ja/help/welcome.html
-share/swat/lang/ja/include/footer.html
-share/swat/lang/ja/include/header.html
-share/swat/lang/ja/include/header.nocss.html
-share/swat/lang/ja/include/header_css.html
share/swat/lang/tr/help/welcome.html
share/swat/lang/tr/images/globals.gif
share/swat/lang/tr/images/home.gif
@@ -485,7 +484,6 @@
share/swat/lang/tr/images/shares.gif
share/swat/lang/tr/images/status.gif
share/swat/lang/tr/images/viewconfig.gif
-share/swat/lang/tr/include/header.html
share/swat/using_samba/appa.html
share/swat/using_samba/appb.html
share/swat/using_samba/appc.html
Index: files/patch-Makefile.in
===================================================================
RCS file: /home/ncvs/ports/net/samba3/files/patch-Makefile.in,v
retrieving revision 1.3
diff -u -r1.3 patch-Makefile.in
--- files/patch-Makefile.in 1 Sep 2004 16:23:29 -0000 1.3
+++ files/patch-Makefile.in 8 Nov 2004 16:41:03 -0000
@@ -1,6 +1,6 @@
---- Makefile.in.orig Thu Aug 19 15:39:11 2004
-+++ Makefile.in Mon Aug 30 22:02:08 2004
-@@ -104,6 +104,7 @@
+--- Makefile.in.orig Sun Nov 7 21:43:23 2004
++++ Makefile.in Mon Nov 8 17:40:48 2004
+@@ -99,6 +99,7 @@
LIBSMBCLIENT_MAJOR=0
LIBSMBCLIENT_MINOR=1
@@ -8,18 +8,18 @@
FLAGS1 = $(CFLAGS) @FLAGS1@ -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper -I. $(CPPFLAGS) -I$(srcdir)
FLAGS2 =
-@@ -992,8 +993,8 @@
+@@ -989,8 +990,8 @@
@SONAMEFLAG@`basename $@`
bin/libsmbclient. at SHLIBEXT@: $(LIBSMBCLIENT_PICOBJS)
- @echo Linking libsmbclient shared library $@
-- @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(DYNEXP) $(LIBS) \
+- @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \
+ @echo Linking libsmbclient shared library $@.$(LIBSMBCLIENT_MAJOR)
-+ @$(SHLD) $(LDSHFLAGS) -o $@.$(LIBSMBCLIENT_MAJOR) $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(DYNEXP) $(LIBS) \
++ @$(SHLD) $(LDSHFLAGS) -o $@.$(LIBSMBCLIENT_MAJOR) $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \
$(KRB5LIBS) $(LDAP_LIBS) \
@SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR)
-@@ -1076,13 +1077,13 @@
+@@ -1074,13 +1075,13 @@
@WINBIND_NSS@: $(WINBIND_NSS_PICOBJS)
@echo "Linking $@"
@$(SHLD) $(WINBIND_NSS_LDSHFLAGS) -o $@ $(WINBIND_NSS_PICOBJS) \
@@ -35,10 +35,10 @@
nsswitch/pam_winbind. at SHLIBEXT@: $(PAM_WINBIND_PICOBJ) bin/.dummy
@echo "Linking $@"
-@@ -1268,7 +1269,7 @@
+@@ -1276,7 +1277,7 @@
bin/t_snprintf at EXEEXT@: lib/snprintf.c
- $(CC) $(FLAGS) -o $@ -DTEST_SNPRINTF lib/snprintf.c -lm
+ $(CC) $(FLAGS) -o $@ $(DYNEXP) -DTEST_SNPRINTF lib/snprintf.c -lm
-install: installbin installman installscripts installdat installswat installmodules @INSTALLCLIENT@
+install: installbin installscripts installdat installswat installmodules
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list