head 1.4; access; symbols pkgsrc-2026Q2:1.4.0.104 pkgsrc-2026Q2-base:1.4 pkgsrc-2026Q1:1.4.0.102 pkgsrc-2026Q1-base:1.4 pkgsrc-2025Q4:1.4.0.100 pkgsrc-2025Q4-base:1.4 pkgsrc-2025Q3:1.4.0.98 pkgsrc-2025Q3-base:1.4 pkgsrc-2025Q2:1.4.0.96 pkgsrc-2025Q2-base:1.4 pkgsrc-2025Q1:1.4.0.94 pkgsrc-2025Q1-base:1.4 pkgsrc-2024Q4:1.4.0.92 pkgsrc-2024Q4-base:1.4 pkgsrc-2024Q3:1.4.0.90 pkgsrc-2024Q3-base:1.4 pkgsrc-2024Q2:1.4.0.88 pkgsrc-2024Q2-base:1.4 pkgsrc-2024Q1:1.4.0.86 pkgsrc-2024Q1-base:1.4 pkgsrc-2023Q4:1.4.0.84 pkgsrc-2023Q4-base:1.4 pkgsrc-2023Q3:1.4.0.82 pkgsrc-2023Q3-base:1.4 pkgsrc-2023Q2:1.4.0.80 pkgsrc-2023Q2-base:1.4 pkgsrc-2023Q1:1.4.0.78 pkgsrc-2023Q1-base:1.4 pkgsrc-2022Q4:1.4.0.76 pkgsrc-2022Q4-base:1.4 pkgsrc-2022Q3:1.4.0.74 pkgsrc-2022Q3-base:1.4 pkgsrc-2022Q2:1.4.0.72 pkgsrc-2022Q2-base:1.4 pkgsrc-2022Q1:1.4.0.70 pkgsrc-2022Q1-base:1.4 pkgsrc-2021Q4:1.4.0.68 pkgsrc-2021Q4-base:1.4 pkgsrc-2021Q3:1.4.0.66 pkgsrc-2021Q3-base:1.4 pkgsrc-2021Q2:1.4.0.64 pkgsrc-2021Q2-base:1.4 pkgsrc-2021Q1:1.4.0.62 pkgsrc-2021Q1-base:1.4 pkgsrc-2020Q4:1.4.0.60 pkgsrc-2020Q4-base:1.4 pkgsrc-2020Q3:1.4.0.58 pkgsrc-2020Q3-base:1.4 pkgsrc-2020Q2:1.4.0.54 pkgsrc-2020Q2-base:1.4 pkgsrc-2020Q1:1.4.0.34 pkgsrc-2020Q1-base:1.4 pkgsrc-2019Q4:1.4.0.56 pkgsrc-2019Q4-base:1.4 pkgsrc-2019Q3:1.4.0.52 pkgsrc-2019Q3-base:1.4 pkgsrc-2019Q2:1.4.0.50 pkgsrc-2019Q2-base:1.4 pkgsrc-2019Q1:1.4.0.48 pkgsrc-2019Q1-base:1.4 pkgsrc-2018Q4:1.4.0.46 pkgsrc-2018Q4-base:1.4 pkgsrc-2018Q3:1.4.0.44 pkgsrc-2018Q3-base:1.4 pkgsrc-2018Q2:1.4.0.42 pkgsrc-2018Q2-base:1.4 pkgsrc-2018Q1:1.4.0.40 pkgsrc-2018Q1-base:1.4 pkgsrc-2017Q4:1.4.0.38 pkgsrc-2017Q4-base:1.4 pkgsrc-2017Q3:1.4.0.36 pkgsrc-2017Q3-base:1.4 pkgsrc-2017Q2:1.4.0.32 pkgsrc-2017Q2-base:1.4 pkgsrc-2017Q1:1.4.0.30 pkgsrc-2017Q1-base:1.4 pkgsrc-2016Q4:1.4.0.28 pkgsrc-2016Q4-base:1.4 pkgsrc-2016Q3:1.4.0.26 pkgsrc-2016Q3-base:1.4 pkgsrc-2016Q2:1.4.0.24 pkgsrc-2016Q2-base:1.4 pkgsrc-2016Q1:1.4.0.22 pkgsrc-2016Q1-base:1.4 pkgsrc-2015Q4:1.4.0.20 pkgsrc-2015Q4-base:1.4 pkgsrc-2015Q3:1.4.0.18 pkgsrc-2015Q3-base:1.4 pkgsrc-2015Q2:1.4.0.16 pkgsrc-2015Q2-base:1.4 pkgsrc-2015Q1:1.4.0.14 pkgsrc-2015Q1-base:1.4 pkgsrc-2014Q4:1.4.0.12 pkgsrc-2014Q4-base:1.4 pkgsrc-2014Q3:1.4.0.10 pkgsrc-2014Q3-base:1.4 pkgsrc-2014Q2:1.4.0.8 pkgsrc-2014Q2-base:1.4 pkgsrc-2014Q1:1.4.0.6 pkgsrc-2014Q1-base:1.4 pkgsrc-2013Q4:1.4.0.4 pkgsrc-2013Q4-base:1.4 pkgsrc-2013Q3:1.4.0.2 pkgsrc-2013Q3-base:1.4 pkgsrc-2013Q2:1.3.0.14 pkgsrc-2013Q2-base:1.3 pkgsrc-2013Q1:1.3.0.12 pkgsrc-2013Q1-base:1.3 pkgsrc-2012Q4:1.3.0.10 pkgsrc-2012Q4-base:1.3 pkgsrc-2012Q3:1.3.0.8 pkgsrc-2012Q3-base:1.3 pkgsrc-2012Q2:1.3.0.6 pkgsrc-2012Q2-base:1.3 pkgsrc-2012Q1:1.3.0.4 pkgsrc-2012Q1-base:1.3 pkgsrc-2011Q4:1.3.0.2 pkgsrc-2011Q4-base:1.3 pkgsrc-2011Q2:1.2.0.48 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.46 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.44 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.42 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.40 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.38 pkgsrc-2008Q2-base:1.2 pkgsrc-2008Q1:1.2.0.36 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.34 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.32 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.2.0.30 pkgsrc-2007Q2-base:1.2 pkgsrc-2007Q1:1.2.0.28 pkgsrc-2007Q1-base:1.2 pkgsrc-2006Q4:1.2.0.26 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.24 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.22 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.20 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.18 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.16 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.14 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.12 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.10 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.8 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.2.0.6 pkgsrc-2004Q2-base:1.2 pkgsrc-2004Q1:1.2.0.4 pkgsrc-2004Q1-base:1.2 pkgsrc-2003Q4:1.2.0.2 pkgsrc-2003Q4-base:1.2 buildlink2-base:1.2 netbsd-1-5-PATCH003:1.1; locks; strict; comment @# @; 1.4 date 2013.08.12.02.45.55; author taca; state Exp; branches; next 1.3; commitid EB23ZUIBzNlQT61x; 1.3 date 2011.12.16.11.05.24; author asau; state Exp; branches 1.3.14.1; next 1.2; 1.2 date 2002.05.05.16.57.13; author taca; state dead; branches; next 1.1; 1.1 date 2002.02.05.00.36.27; author taca; state Exp; branches; next ; 1.3.14.1 date 2013.08.12.12.20.19; author tron; state Exp; branches; next ; commitid DRsIlszbKSa45a1x; desc @@ 1.4 log @Update samba to 3.6.17, security release. ============================== Release Notes for Samba 3.6.17 August 05, 2013 ============================== This is a security release in order to address CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause server to loop with DOS). o CVE-2013-4124: All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection. A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated if guest connections are allowed. This flaw is not exploitable beyond causing the code to loop allocating memory, which may cause the machine to exceed memory limits. Changes since 3.6.16: --------------------- o Jeremy Allison * BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list reading can cause server to loop with DOS. @ text @$NetBSD: patch-an,v 1.3 2011/12/16 11:05:24 asau Exp $ --- smbd/ntquotas.c.orig 2013-07-29 18:55:18.000000000 +0000 +++ smbd/ntquotas.c @@@@ -239,7 +239,7 @@@@ void *init_quota_handle(TALLOC_CTX *mem_ SMB_NTQUOTA_HANDLE *qt_handle; if (!mem_ctx) - return False; + return NULL; qt_handle = TALLOC_ZERO_P(mem_ctx,SMB_NTQUOTA_HANDLE); if (qt_handle==NULL) { @ 1.3 log @Update to Samba 3.5.11 from net/samba35, part of Samba packages rearrangement. @ text @d1 1 a1 1 $NetBSD: patch-an,v 1.1.1.1 2010/12/06 17:01:23 adam Exp $ d3 1 a3 1 --- smbd/ntquotas.c.orig 2010-12-05 21:00:36.000000000 +0000 d5 1 a5 1 @@@@ -234,7 +234,7 @@@@ void *init_quota_handle(TALLOC_CTX *mem_ @ 1.3.14.1 log @Pullup ticket #4207 - requested by taca net/samba: security update Revisions pulled up: - net/samba/Makefile 1.235,1.237 - net/samba/Makefile.mirrors 1.10 - net/samba/PLIST 1.54 - net/samba/distinfo 1.91-1.92 - net/samba/patches/patch-ac 1.15 - net/samba/patches/patch-ad 1.19 - net/samba/patches/patch-ae 1.11 - net/samba/patches/patch-af 1.12 - net/samba/patches/patch-ah 1.7 - net/samba/patches/patch-ai 1.7 - net/samba/patches/patch-aj 1.7 - net/samba/patches/patch-ak 1.6 - net/samba/patches/patch-an 1.4 - net/samba/patches/patch-ao 1.4 - net/samba/patches/patch-aq 1.4 - net/samba/patches/patch-as 1.4 - net/samba/patches/patch-av 1.5 - net/samba/patches/patch-aw 1.4 - net/samba/patches/patch-ba 1.11 - net/samba/patches/patch-bb 1.5 - net/samba/patches/patch-bf 1.6 --- Module Name: pkgsrc Committed By: adam Date: Wed Jul 3 20:00:48 UTC 2013 Modified Files: pkgsrc/net/samba: Makefile PLIST distinfo pkgsrc/net/samba/patches: patch-bf Log Message: Changes 3.6.16: * BUG 9881: Link dbwrap_tool and dbwrap_torture against libtevent. * BUG 9722: Properly handle Oplock breaks in compound requests. * BUG 9822: Fix crash bug during Win8 sync. * BUG 9927: errno gets overwritten in call to check_parent_exists(). * BUG 8997: Change libreplace GPL source to LGPL. * BUG 9900: is_printer_published GUID retrieval. * BUG 9941: Fix a bug of drvupgrade of smbcontrol. * BUG 9868: Don't know how to make LIBNDR_PREG_OBJ. * BUG 9688: Remove "experimental" label on "max protocol=SMB2" parameter. * BUG 9881: Check for system libtevent. --- Module Name: pkgsrc Committed By: wiz Date: Thu Jul 4 19:31:10 UTC 2013 Modified Files: pkgsrc/net/samba: Makefile.mirrors Log Message: Fix URL. --- Module Name: pkgsrc Committed By: taca Date: Mon Aug 12 02:45:55 UTC 2013 Modified Files: pkgsrc/net/samba: Makefile distinfo pkgsrc/net/samba/patches: patch-ac patch-ad patch-ae patch-af patch-ah patch-ai patch-aj patch-ak patch-an patch-ao patch-aq patch-as patch-av patch-aw patch-ba patch-bb Log Message: Update samba to 3.6.17, security release. ============================== Release Notes for Samba 3.6.17 August 05, 2013 ============================== This is a security release in order to address CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause server to loop with DOS). o CVE-2013-4124: All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection. A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated if guest connections are allowed. This flaw is not exploitable beyond causing the code to loop allocating memory, which may cause the machine to exceed memory limits. Changes since 3.6.16: --------------------- o Jeremy Allison * BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list reading can cause server to loop with DOS. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- smbd/ntquotas.c.orig 2013-07-29 18:55:18.000000000 +0000 d5 1 a5 1 @@@@ -239,7 +239,7 @@@@ void *init_quota_handle(TALLOC_CTX *mem_ @ 1.2 log @update samba package to 2.2.4. WHAT'S NEW IN Samba 2.2.4 - 2nd May 2002 ========================================= This is the latest stable release of Samba. This is the version that all production Samba servers should be running for all current bug-fixes. There have been several fixes and internal enhancements which include: * More/better SPOOLSS printing functionality for Windows NT/2k/XP clients. * Several fixes relating to serving PC database files such as (Access and FoxPro) from a Samba file share. * Several improves in Samba's VFS layer which can be seen in the inclusion of a "Recycle Bin" vfs module. See examples/VFS/README for more details on this. * Addition of a tool (tdbbackup) for backup/restore of Samba's tdb's * Continued improvements to winbind for greater scalability and stability * Several fixes related to Samba's MS-DFS support * Rpcclient's various printer commands now work (again) New/Changed parameters in 2.2.4 -------------------------------- For more information on these parameters, see the man pages for smb.conf(5). Added/changed parameters ------------------------ * csc policy * inherit acls * nt status support * lock spin count * lock spin time * pid directory * winbind use default domain Depreciated parameters ---------------------- The following parameters have been marked as depreciated and will be removed in Samba 3.0 * postscript * printer driver * printer driver file * printer driver location Removed Parameters ------------------ none Changes in 2.2.4 ---------------- See the cvs log for SAMBA_2_2 for more details 1) added -c option to smbpasswd 2) reworked smbpasswd internal command line option parsing 3) small various bug fixes to experimental pdb_tdb.c 4) Enforce spoolss RPCs based on the access granted at PrinterOpen() 5) Added missing access checks to [add/delete/set]form 6) Compile fixes for pam_smbpass 7) fix smbd crash when netbios session request fails from spoolss_connect_to_client(). 8) fixed logic bug that prevent SetPrinter() from storing devmode 9) Removed extra get_printer_snum() calls from set_printer_hnd_name() 10) fix joining domain on big endian machine when using -U to smbpasswd 11) allow command line arg to override smb.conf log level 12) continue to retry to register 1b name with wins server if there is an old IP there 13) fix smbclient print crash bug 14) 9x pnp fix when the config file and driver file are different 15) force testparm to print the correct value for log level 16) fix swat to show full log level info 17) fix server GetPrinterData() fields to be more sensible 18) fix logic error in SetPrinterDataEx() 19) Only set smb_read_error if not already set 20) Fix string returns that require unicode 21) Merge of printing performance fixes from appliance 22) lpq parsing fixes 23) Back port tridge's xcopy /o fix from HEAD 24) Fix the printer change notify code (unfinished) 25) Patch for Domain users not showing up 26) Fixed SetPrinterData(magic key) to support zero length DEVMODE 27) Ensure that all methods of looking up and connecting to DC's work using identical logic. 28) Merge in the mutex code to stop multiple domain logon failure 29) Ignore 0/0 lock 30) Fix winbindd to respect command line debuglevel as nmbd/smbd 31) Update with tdbbackup from HEAD 32) Fix for typo on solaris nss 33) Merge in the locking changes from HEAD 34) Added POSIX ACL layer into the vfs 35) Fix the returning of domain enum 36) Fix the generation of the MACHINE.SID file into the secrets.tdb. 37) Enable test for -rdynamic when building binaries 38) Remove the "stat open" code - make it inline 39) Fix the mp3 rename bug 40) Fix for Explorer DFS problems on older Windows 9X machines 41) implement OpenPrinter() opnum == 0x01 42) Matched W2K *insane* open semantics.... 43) small fix that will prevent the "failed to marshall R_NET_SAMLOGON" message in the logs 42) don't do checking of local passdb in smbpasswd if using -r option 43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't try to connect to a server named '*' 44) merge rpcclient code from HEAD 45) Ensure MACHINE.SID update done before child spawns 46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works 47) Removed --with-vfs - always built if available 48) Fixed psec for 2.2 49) Fixed the handle leak in the connection management code 50) fix disable spoolss after the switch to nt status codes 51) Added Shirish's client side caching policy change 52) Honor the specversion when parsing the the DEVICEMODE 53) fix parsing bug when DEVICEMODE's private data does not end on a 4 byte boundary 54) do not idle an smbd when there is an open pipe 55) when a new driver is added to a Samba server, cycle through all printers and bump the change_id for each one bound to the driver 56) allow smbclient to work with a FIFO as well (needed for KDE ioslave) 57) various updates to pdb_nisplus.c 58) many small documentation updates 59) removed many compiler warnings Known Bugs ---------- * Under certain conditions when serving the MS Access 2000 executable file and an Access database from a Samba share, it is possible to experience data corruption. This pug does does occur when the database is served from a Samba file share but the Access *.exe is stored on the client's local file system. The exact reason for this bug is unknown at this time. @ text @d1 1 a1 1 $NetBSD: patch-an,v 1.1 2002/02/05 00:36:27 taca Exp $ d3 4 a6 5 --- lib/pidfile.c.orig Sun Feb 3 09:46:42 2002 +++ lib/pidfile.c @@@@ -37,7 +37,7 @@@@ unsigned ret; pstring pidFile; d8 3 a10 2 - slprintf(pidFile, sizeof(pidFile)-1, "%s/%s.pid", lp_lockdir(), name); + slprintf(pidFile, sizeof(pidFile)-1, "%s/%s.pid", lp_piddir(), name); d12 2 a13 11 fd = sys_open(pidFile, O_NONBLOCK | O_RDONLY, 0644); if (fd == -1) { @@@@ -78,7 +78,7 @@@@ pstring pidFile; pid_t pid; - slprintf(pidFile, sizeof(pidFile)-1, "%s/%s.pid", lp_lockdir(), name); + slprintf(pidFile, sizeof(pidFile)-1, "%s/%s.pid", lp_piddir(), name); pid = pidfile_pid(name); if (pid != 0) { @ 1.1 log @(1) Change Samba's "lockdir" from /var/run/samba to /var/db/samba. (2) Add "piddir" as /var/run and "pidfile dir" and "pidfile directory" statement for smb.conf. (3) Some fix for password synchronization but it isn't tested much and it is almost useless under "encrypt passwords = yes" environment. Changes for INSTALL and part of Makefile are provided by "Johnny C. Lam" and (2) and (3) are got from FreeBSD ports. Bump revision to 1; samba-2.2.3nb1 now. @ text @d1 1 a1 1 $NetBSD$ @