From: "Timur I. Bakeyev" Date: Wed, 13 Apr 2016 07:08:01 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r413173 - head X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Apr 2016 07:08:02 -0000 Author: timur Date: Wed Apr 13 07:08:01 2016 New Revision: 413173 URL: https://svnweb.freebsd.org/changeset/ports/413173 Log: Add a note about configuration changes in the Samba ports due to BadLock vulnerability. Security: CVE-2016-2118 Modified: head/UPDATING Modified: head/UPDATING ============================================================================== --- head/UPDATING Wed Apr 13 07:00:42 2016 (r413172) +++ head/UPDATING Wed Apr 13 07:08:01 2016 (r413173) 
@@ -5,6 +5,31 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20160412: + AFFECTS: Users of net/samba42 and net/samba/43 + AUTHOR: timur@FreeBSD.org + + Samba 4.2.x and 4.3.x ports have been updated to address + BadLock(http://badlock.org) vulnerability, as well as few other + discovered. + + Please note that Samba 4.1.x and older versions are also affected by + the issues fixed with this release but are not supported anymore. It is + strongly recommend to upgrade to a recent version at your earliest + convenience. + + The security updates include new smb.conf options and a number of + stricter behaviours to prevent Man in the Middle attacks. Between these + changes, compatibility with a large number of older software versions + has been lost in the default configuration. + + For more information about the related behaviour changes and the + security issues please visit: + + https://www.samba.org/samba/latest_news.html#4.4.2 + https://www.samba.org/samba/history/samba-4.3.8.html + https://www.samba.org/samba/history/samba-4.2.11.html + 20160411: AFFECTS: Users if databases/influxdb AUTHOR: cheffo@freebsd-bg.org
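Review bot: The AFFECTS line of the new 20160412 entry names "net/samba/43", which is not a port origin and does not match the "net/samba42" form next to it. It should read "AFFECTS: Users of net/samba42 and net/samba43" so that anyone searching UPDATING for the origin finds the entry. Two wording fixes in the same entry: "as well as few other discovered" reads as a truncated sentence (for example "as well as a few other issues discovered"), and "It is strongly recommend to upgrade" should be "strongly recommended". The commit log tags CVE-2016-2118, but the entry only says "BadLock"; adding the CVE id to the text would let users match it against advisories. The entry also says the updates bring "new smb.conf options" and stricter defaults that break compatibility with older software, without naming any of them, so an administrator has to follow the links to learn what to check before upgrading; listing the affected options here would make the note actionable on its own. Finally, the first URL points at the #4.4.2 anchor while the entry covers the 4.2.x and 4.3.x ports, which is worth a word of explanation or a more specific link.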