FreeBSD Mail Archives

Date:      Wed, 9 Apr 2003 18:35:11 +0900 (JST)
From:      NAKAJI Hiroyuki <nakaji@jp.freebsd.org>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:    ports/50748: [security] japanese/samba update to samba-2.2.7b-ja-1.0
Message-ID:  <200304090935.h399ZBA9060365@boggy.acest.tutrp.tut.ac.jp>
Resent-Message-ID: <200304090940.h399eIUU084836@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help


>Number:         50748
>Category:       ports
>Synopsis:       [security] japanese/samba update to samba-2.2.7b-ja-1.0
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Apr 09 02:40:15 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     NAKAJI Hiroyuki
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD boggy.acest.tutrp.tut.ac.jp 5.0-CURRENT FreeBSD 5.0-CURRENT #75: Wed Mar 19 10:29:36 JST 2003 root@boggy.acest.tutrp.tut.ac.jp:/usr/obj/usr/src/sys/NAKAJI i386


	
>Description:
	To fix a buffer overflaw problem, SUGJ has released
samba-2.2.7b-ja-1.0 on Wed, 9 Apr 2003 (JST).
	

>How-To-Repeat:

>Fix:

diff -urN --exclude CVS /usr/ports/japanese/samba/Makefile ./Makefile
--- /usr/ports/japanese/samba/Makefile	Tue Apr  8 15:37:56 2003
+++ ./Makefile	Wed Apr  9 16:34:40 2003
@@ -7,7 +7,6 @@
 
 PORTNAME=	samba
 PORTVERSION=	${SAMBA_VERSION}.j${SAMBA_JA_VERSION}
-PORTREVISION=	2
 CATEGORIES=	japanese net
 MASTER_SITES=	ftp://ftp.samba.gr.jp/pub/samba-jp/%SUBDIR%/ \
 		ftp://ftp.iij.ad.jp/pub/SAMBA/samba-jp/%SUBDIR%/ \
@@ -22,8 +21,8 @@
 
 BUILD_DEPENDS=	msgfmt:${PORTSDIR}/devel/gettext
 
-SAMBA_VERSION=		2.2.7a
-SAMBA_JA_VERSION=	1.1
+SAMBA_VERSION=		2.2.7b
+SAMBA_JA_VERSION=	1.0
 
 USE_BZIP2=	yes
 GNU_CONFIGURE=	yes
@@ -129,6 +128,9 @@
 .if defined(WITH_WINBIND_AUTH_CHALLENGE)
 CONFIGURE_ARGS+=	--with-winbind-auth-challenge
 .endif
+
+# malloc.h check is not needed.
+CONFIGURE_ENV+=	ac_cv_header_malloc_h=no
 
 pre-fetch:
 	@${SETENV} ${SCRIPTS_ENV} ${SH} ${SCRIPTDIR}/configure.samba
diff -urN --exclude CVS /usr/ports/japanese/samba/distinfo ./distinfo
--- /usr/ports/japanese/samba/distinfo	Wed Mar 19 16:18:47 2003
+++ ./distinfo	Wed Apr  9 16:32:07 2003
@@ -1 +1 @@
-MD5 (samba-2.2.7a-ja-1.1.tar.bz2) = 7f5c104c1b2b0a5a40b56d5b831819b8
+MD5 (samba-2.2.7b-ja-1.0.tar.bz2) = 13609e6d0aa47b7cd52d9ee8b756ff9b
diff -urN --exclude CVS /usr/ports/japanese/samba/files/README.FreeBSD ./files/README.FreeBSD
--- /usr/ports/japanese/samba/files/README.FreeBSD	Tue Feb 25 00:15:06 2003
+++ ./files/README.FreeBSD	Wed Apr  9 17:52:24 2003
@@ -10,7 +10,7 @@
 See document files in /usr/local/share/doc/samba and example config files in
 /usr/local/share/examples/samba for details.
 
-Samba Japanese Edition is based on Samba 2.2.7a, implemented the
+Samba Japanese Edition is based on Samba 2.2.7b, implemented the
 internationalized SWAT and fixed several problems arond functions for
 Japanese support. See smb.conf.sample for details. If you want to use
 NT4+SP3 or Win95+updates clients, set "encrypt passwords" parameter to
diff -urN --exclude CVS /usr/ports/japanese/samba/files/patch-security ./files/patch-security
--- /usr/ports/japanese/samba/files/patch-security	Tue Apr  8 15:10:13 2003
+++ ./files/patch-security	Thu Jan  1 09:00:00 1970
@@ -1,103 +0,0 @@
---- smbd/ipc.c.orig	Mon Mar 17 13:17:56 2003
-+++ smbd/ipc.c	Tue Apr  8 13:17:45 2003
-@@ -398,7 +398,7 @@
-   
- 	if (tdscnt)  {
- 		if((data = (char *)malloc(tdscnt)) == NULL) {
--			DEBUG(0,("reply_trans: data malloc fail for %d bytes !\n", tdscnt));
-+			DEBUG(0,("reply_trans: data malloc fail for %u bytes !\n", tdscnt));
- 			END_PROFILE(SMBtrans);
- 			return(ERROR_DOS(ERRDOS,ERRnomem));
- 		} 
-@@ -412,7 +412,7 @@
- 
- 	if (tpscnt) {
- 		if((params = (char *)malloc(tpscnt)) == NULL) {
--			DEBUG(0,("reply_trans: param malloc fail for %d bytes !\n", tpscnt));
-+			DEBUG(0,("reply_trans: param malloc fail for %u bytes !\n", tpscnt));
- 			SAFE_FREE(data);
- 			END_PROFILE(SMBtrans);
- 			return(ERROR_DOS(ERRDOS,ERRnomem));
-@@ -428,7 +428,7 @@
- 	if (suwcnt) {
- 		int i;
- 		if((setup = (uint16 *)malloc(suwcnt*sizeof(uint16))) == NULL) {
--			DEBUG(0,("reply_trans: setup malloc fail for %d bytes !\n", (int)(suwcnt * sizeof(uint16))));
-+			DEBUG(0,("reply_trans: setup malloc fail for %u bytes !\n", (unsigned int)(suwcnt * sizeof(uint16))));
- 			SAFE_FREE(data);
- 			SAFE_FREE(params);
- 			END_PROFILE(SMBtrans);
-@@ -524,7 +524,7 @@
- 	}
- 	
- 	
--	DEBUG(3,("trans <%s> data=%d params=%d setup=%d\n",
-+	DEBUG(3,("trans <%s> data=%u params=%u setup=%u\n",
- 		 name,tdscnt,tpscnt,suwcnt));
- 	
- 	/*
---- smbd/password.c.orig	Thu Nov 21 22:05:51 2002
-+++ smbd/password.c	Tue Apr  8 13:17:45 2003
-@@ -816,7 +816,7 @@
- 		if (!ok && lp_username(snum)) {
- 			char *auser;
- 			pstring user_list;
--			StrnCpy(user_list,lp_username(snum),sizeof(pstring));
-+			StrnCpy(user_list,lp_username(snum),sizeof(pstring)-1);
- 
- 			pstring_sub(user_list,"%S",lp_servicename(snum), True);
- 	  
---- smbd/reply.c.orig	Wed Feb  5 15:15:15 2003
-+++ smbd/reply.c	Tue Apr  8 13:17:45 2003
-@@ -1490,6 +1490,9 @@
- 
-         for (i=numentries;(i<maxentries) && !finished;i++)
-         {
-+          /* check to make sure we have room in the buffer */
-+	  if ( ((PTR_DIFF(p, outbuf))+DIR_STRUCT_SIZE) > BUFFER_SIZE )
-+	      break;
-           finished = 
-             !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
-           if (!finished)
-@@ -3603,6 +3606,9 @@
-     
- 
- 		for (i=first;i<first+num_to_get;i++) {
-+			/* check to make sure we have room in the buffer */
-+			if ( (PTR_DIFF(p, outbuf)+28) > BUFFER_SIZE )
-+				break;
- 			put_dos_date2(p,0,queue[i].time);
- 			SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
- 			SSVAL(p,5, queue[i].job);
---- smbd/statcache.c.orig	Fri Nov  9 18:27:43 2001
-+++ smbd/statcache.c	Tue Apr  8 13:17:45 2003
-@@ -88,7 +88,7 @@
-    * StrnCpy always null terminates.
-    */
- 
--  StrnCpy(orig_name, full_orig_name, namelen);
-+  StrnCpy(orig_name, full_orig_name, MIN(namelen, sizeof(orig_name)-1));
-   if(!case_sensitive)
-     strupper( orig_name );
- 
---- smbd/trans2.c.orig	Mon Mar 17 13:17:56 2003
-+++ smbd/trans2.c	Tue Apr  8 13:17:45 2003
-@@ -217,7 +217,6 @@
- 	int16 open_ofun;
- 	int32 open_size;
- 	char *pname;
--	int16 namelen;
- 
- 	pstring fname;
- 	mode_t unixmode;
-@@ -247,9 +246,8 @@
- 	open_ofun = SVAL(params,12);
- 	open_size = IVAL(params,14);
- 	pname = &params[28];
--	namelen = strlen(pname)+1;
- 
--	StrnCpy(fname,pname,namelen);
-+	pstrcpy(fname,pname);
- 	if (strchr(fname,'?'))
- 		return(ERROR_DOS(ERRDOS,ERRinvalidname));
- 
diff -urN --exclude CVS /usr/ports/japanese/samba/pkg-message ./pkg-message
--- /usr/ports/japanese/samba/pkg-message	Thu Mar 28 01:06:37 2002
+++ ./pkg-message	Wed Apr  9 17:24:47 2003
@@ -4,5 +4,5 @@
 are created by smbd and nmbd is changed from /var/spool/lock to
 /var/db/samba.
 
-If you are about to update your japanese/samba from 2.0.10j1.2 to 2.2.2j1.0,
+If you are about to update your japanese/samba from 2.0.10j1.2 to 2.2.7bj1.0,
 you need to remove old these files in /var/spool/lock.



>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200304090935.h399ZBA9060365>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation