Samba version specification that is found in the old portaudit.xml file
inside ports-mgmt/portaudit-db/databases has improper entry that cathes
modern Samba port:
$ pkg_version -T samba-3.2.4 'samba>=3.*<3.0.5,1' && echo Found!
Fix: The following patch fixes the things, at least for me:
Run the above command or do 'cd /usr/ports/net/samba32-devel;
make check-vulnerable', it should produce something like this:
===> samba-3.2.4 has known vulnerabilities:
=> Multiple Potential Buffer Overruns in Samba.
=> Please update your ports tree and try again.
*** Error code 1
I'll take it.
simon 2008-11-30 21:54:20 UTC
FreeBSD ports repository
ports-mgmt/portaudit-db/database portaudit.xlist portaudit.xml
Remove entry 2de14f7a-dad9-11d8-b59a-00061bc2ad93 (Multiple
Potential Buffer Overruns in Samba) which is duplicated from
vuln.xml. I don't know why this entry is duplicated here, but I
suspect it's related to portaudit.txt.
By removing the entry from here, the entry in vuln.xml should
just be used instead.
Reported by: Eygene Ryabinkin <firstname.lastname@example.org>
Revision Changes Path
1.8 +1 -2 ports/ports-mgmt/portaudit-db/database/portaudit.xlist
1.18 +1 -46 ports/ports-mgmt/portaudit-db/database/portaudit.xml
email@example.com mailing list
To unsubscribe, send any mail to "firstname.lastname@example.org"
I'll take it.
This was fixed by simon@ on 2008-11-30 21:54:20 UTC