Bug 254111

Summary: net/samba410 - address CVE
Product: Ports & Packages Reporter: Mikhail Teterin <mi>
Component: Individual Port(s)Assignee: Fernando ApesteguĂ­a <fernape>
Status: Closed Overcome By Events    
Severity: Affects Only Me CC: fernape
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
Backport 4.11 CVE-fixes to 4.10 none

Description Mikhail Teterin freebsd_committer freebsd_triage 2021-03-07 19:37:14 UTC 
Created attachment 223071 [details]
Backport 4.11 CVE-fixes to 4.10

The port is currently marked vulnerable, because Samba-project didn't include the 4.10.x release, when patch the three vulnerabilities discovered last October.

Fortunately, the patch they did issue for 4.11.x applies /almost/ perfectly to 4.10.18-- with only a single hunk needing adjusting.

Please, consider dropping the attached file into the port's files/ and, perhaps, undeprecate the port for a little while longer...
Comment 1 Fernando ApesteguĂ­a freebsd_committer freebsd_triage 2021-03-08 11:28:36 UTC 
(In reply to Mikhail Teterin from comment #0)
Hi Mikhail,

net/samba410 is in the ports collection no more. We have net/samba{411,412,413}