From 20417ce3a56bc5928869fb4e2a1009623f63e81f Mon Sep 17 00:00:00 2001
From: Martin Wilke <miwi@FreeBSD.org>
Date: Wed, 21 Nov 2007 13:01:17 +0000
Subject: - Fix 2 Security bugs

 o CVS-2007-4572
     Stack buffer overflow in nmbd's logon request processing.

 o CVE-2007-5398
     Remote code execution in Samba's WINS server daemon (nmbd)
     when processing name registration followed name query requests.
- Bump PORTREVISION

Approved by:	portmgr (erwin), maintainer
Security:	http://www.vuxml.org/freebsd/a63b15f9-97ff-11dc-9e48-0016179b2dd5.html
---
 net/samba3/Makefile | 6 +++++-
 net/samba3/distinfo | 6 ++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

(limited to 'net/samba3')

diff --git a/net/samba3/Makefile b/net/samba3/Makefile
index df02c0b095b1..52c6bea33160 100644
--- a/net/samba3/Makefile
+++ b/net/samba3/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=		samba
 PORTVERSION?=		3.0.26a
-PORTREVISION?=		1
+PORTREVISION=		2
 PORTEPOCH?=		1
 CATEGORIES?=		net
 MASTER_SITES=		${MASTER_SITE_SAMBA}
@@ -44,6 +44,10 @@ SAMBA_LIB=		lib
 SAMBA_LIBDIR=		${PREFIX}/${SAMBA_LIB}
 SAMBA_MODULEDIR=	${SAMBA_LIBDIR}/samba
 
+PATCH_SITES=	http://us1.samba.org/samba/ftp/patches/security/	
+PATCHFILES=	samba-3.0.26a-CVE-2007-4572.patch samba-3.0.26a-CVE-2007-5398.patch
+PATCH_DIST_STRIP=	-p2
+
 CONFIGURE_TARGET=	--build="${MACHINE_ARCH}-portbld-freebsd${OSREL}"
 
 CONFIGURE_ARGS+=	--exec-prefix="${PREFIX}" \
diff --git a/net/samba3/distinfo b/net/samba3/distinfo
index 41e6bbb825ff..98b61afc8206 100644
--- a/net/samba3/distinfo
+++ b/net/samba3/distinfo
@@ -1,3 +1,9 @@
 MD5 (samba-3.0.26a.tar.gz) = 16b47e6add332e5ac4523fc88c381d06
 SHA256 (samba-3.0.26a.tar.gz) = 41e11f69288b2291f12f8db093e2c55dc1360555d4542c83c0758c4c7a3d4d37
 SIZE (samba-3.0.26a.tar.gz) = 18180031
+MD5 (samba-3.0.26a-CVE-2007-4572.patch) = 545990971f3f3757ee0f175170b7bcb6
+SHA256 (samba-3.0.26a-CVE-2007-4572.patch) = d960cf7d26788e87983ee7acb8af8c45d22a034c028cce619582f6a115108491
+SIZE (samba-3.0.26a-CVE-2007-4572.patch) = 8203
+MD5 (samba-3.0.26a-CVE-2007-5398.patch) = 79934d4dcc779a467697e7cf86046631
+SHA256 (samba-3.0.26a-CVE-2007-5398.patch) = 37a0181aa647de7feb888d675ea726e135bbe53bc3099076eaf0682fc1b11b05
+SIZE (samba-3.0.26a-CVE-2007-5398.patch) = 1232
-- 
cgit v1.2.3