Date: Fri, 14 Dec 2007 10:37:10 -0600 From: "W. D." <WD@US-Webmasters.com> To: samba@lists.samba.org Cc: Remko Lodder <remko@FreeBSD.org>, Timur@FreeBSD.org, FreeBSD-Questions@FreeBSD.org Subject: Re: Yikes! FreeBSD samba-3.0.26a_2,1 is forbidden: "Remote Code Execution... Message-ID: <20071214164358.5D01A13C461@mx1.freebsd.org> In-Reply-To: <47600358.3010909@FreeBSD.org> References: <20071212065822.4F6A313C457@mx1.freebsd.org> <475F9560.40703@FreeBSD.org> <20071212090407.8B26613C478@mx1.freebsd.org> <47600358.3010909@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:50 12/12/2007, Remko Lodder wrote: >W. D. wrote: >> At 02:01 12/12/2007, Remko Lodder wrote: >>> W. D. wrote: >>>> ...Vulnerability - CVE-2007-6015" >>>> >>>> http://www.freshports.org/net/samba3/ >>>> >>>> >============================================================================ >>>> *samba3 3.0.26a_2,1* net <http://www.freshports.org/net/>; >>>> <http://www.freshports.org/faq.php#watchlistcount>; =220 >>>> >>> ><http://www.freshports.org/search.php?stype=depends_all&method=match&q>>uery=net/samba3>; >>>> FORBIDDEN: "Remote Code Execution Vulnerability - CVE-2007-6015" >>>> IGNORE: is forbidden: "Remote Code Execution Vulnerability - CVE-2007-6015" >>>> >============================================================================ >>>> >>>> >============================================================================ >>>> 11 Dec 2007 22:39:55 >>>> *3.0.26a_2,1* remko <mailto:remko@FreeBSD.org> >>>> >>> ><http://www.freshports.org/search.php?stype=committer&method=exact&query=remko>; >>>> >>>> Make Samba forbidden till Timur had the time to upgrade this, >>>> because >>>> samba appears to be vulnerable to remote code execution which could harm >>>> our users. >>>> >>>> This will be removed after we have a safe version to which we can >>>> upgrade. >>>> >>>> Hat: >>>> secteam >>>> Discussed with and requested >>>> by: timur >>>> >>>> >============================================================================ >>>> >>>> Dang! When will this be fixed? >>>> >>>> >>> Soon, there are patches available, we just need to make sure that it >>> doesn't bite anything while we are in a ports-slush, hence the FORBIDDEN >>> part. >>> >>> Best regards, >>> Remko >> >> Hours? Days? Weeks? >> > >The freebsd port will be up to date as soon as possible, there are fixes >available already on the Samba websites.. > >Best regards, >remko Well, it's been 2 days now. When will the code be updated in the FreeBSD ports? The version on the Samba website is 3.0.28. (http://www.Samba.org/) Why is the FreeBSD ports version stuck at 3.0.26a_2,1? If there are fixes available already on the Samba websites, why can't they be integrated into the ports? I neet to get a fileserver going right away. I would like to use Samba. Perhaps I should just load Windows on it? It seems to me that leaving a port broken like this is very "unprofessional". I would expect more from the folks maintaing FreeBSD. When is it going to be fixed? Does "soon" mean this century? This year? When? Start Here to Find It Fast!™ -> http://www.US-Webmasters.com/best-start-page/ $8.77 Domain Names -> http://domains.us-webmasters.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071214164358.5D01A13C461>