Summary: | net/samba410 - address CVE | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Mikhail Teterin <mi> | ||||
Component: | Individual Port(s) | Assignee: | Fernando ApesteguĂa <fernape> | ||||
Status: | Closed Overcome By Events | ||||||
Severity: | Affects Only Me | CC: | fernape | ||||
Priority: | --- | ||||||
Version: | Latest | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
(In reply to Mikhail Teterin from comment #0) Hi Mikhail, net/samba410 is in the ports collection no more. We have net/samba{411,412,413} |
Created attachment 223071 [details] Backport 4.11 CVE-fixes to 4.10 The port is currently marked vulnerable, because Samba-project didn't include the 4.10.x release, when patch the three vulnerabilities discovered last October. Fortunately, the patch they did issue for 4.11.x applies /almost/ perfectly to 4.10.18-- with only a single hunk needing adjusting. Please, consider dropping the attached file into the port's files/ and, perhaps, undeprecate the port for a little while longer...