Date: Fri, 20 Jun 2008 11:20:35 +0000 From: "O. Hartmann" <ohartman@zedat.fu-berlin.de> To: Johan Hendriks <Johan@double-l.nl> Cc: freebsd-questions@freebsd.org Subject: Re: SAMBA 3.0.28a and CVE-2008-1105 Message-ID: <485B9283.2050008@zedat.fu-berlin.de> In-Reply-To: <57200BF94E69E54880C9BB1AF714BBCB5DDF1F@w2003s01.double-l.local> References: <485A5939.1090108@zedat.fu-berlin.de><20080620075113.A44833@gwdu60.gwdg.de> <485B674B.9010404@zedat.fu-berlin.de> <57200BF94E69E54880C9BB1AF714BBCB5DDF1F@w2003s01.double-l.local>
next in thread | previous in thread | raw e-mail | index | archive | help
Johan Hendriks wrote: > >>> Konrad Heuer wrote: >>> >>> On Thu, 19 Jun 2008, O. Hartmann wrote: >>> >>>> We still have Samba R3.0.28a in the ports but regarding to >>>> CVE-2008-1105 shouldn't it be R3.0.30? >>> As far as I know the mentioned security patch gets applied when > building >>> Samba from ports. >>> >>> Best regards >>> >>> Konrad Heuer >>> GWDG, Am Fassberg, 37077 Goettingen, Germany, kheuer2@gwdg.de >>> > >> Oh, is that so ... then why isn't the version number bumped up? > Slightly >> confusing, but if the patch has been incorporated it makes me feel > better. > >> Kindly regards, >> Oliver > > Reding this on freshports makes me think it is bumped! > > 29 May 2008 11:47:46 > 3.0.28a_1,1 > > This is a security update of Samba 3.0.28a, that address CVE-2008-1105. > > Approved by: shaun (mentor, implicit) > Security: CVE-2008-1105 > > Regards, > Johan Hendriks > Double L Automatisering > > Well, sorry making this noise, I looked at www.samba.org and saw version 3.0.30 out there and checked against the port and that what smbstatus reveals and tried to figure out ... Somehow it would be much easier and for the 'stupid' among us (like me) to bump also version number - if that would be possible and without implications ino too much work ... Regards, Oliver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?485B9283.2050008>