[MacPorts] #34455: samba3 @3.2.15_2 request to add CVE-2012-1182 patch
#34455: samba3 @3.2.15_2 request to add CVE-2012-1182 patch --------------------------------------+------------------------------------- Reporter: nonstop.server@… | Owner: macports-tickets@… Type: enhancement | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.0.4 Keywords: | Port: samba3 --------------------------------------+------------------------------------- Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user.[[BR]] A patch has been released for all Samba versions due to the seriousness of this vulnerability.[[BR]] More information concerning this security issue and the released patch can be found here: * Announcement for [https://www.samba.org/samba/security/CVE-2012-1182 CVE-2012-1182] * CVE-ID: [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 CVE-2012-1182] * Download [https://www.samba.org/samba/ftp/patches/security/samba-3.2.15-CVE-2012-1182.... patch for version 3.2.15] -- Ticket URL: <https://trac.macports.org/ticket/34455> MacPorts <http://www.macports.org/> Ports system for Mac OS
#34455: samba3 @3.2.15_2 request to add CVE-2012-1182 patch --------------------------------------+------------------------------------- Reporter: nonstop.server@… | Owner: mww@… Type: defect | Status: new Priority: High | Milestone: Component: ports | Version: Keywords: | Port: samba3 --------------------------------------+------------------------------------- Changes (by jmr@…): * owner: macports-tickets@… => mww@… * cc: mww@… (removed) * version: 2.0.4 => * type: enhancement => defect * priority: Normal => High -- Ticket URL: <https://trac.macports.org/ticket/34455#comment:1> MacPorts <http://www.macports.org/> Ports system for Mac OS
#34455: samba3 @3.2.15_2 request to add CVE-2012-1182 patch --------------------------------------+------------------------------------- Reporter: nonstop.server@… | Owner: mww@… Type: defect | Status: new Priority: High | Milestone: Component: ports | Version: Keywords: | Port: samba3 --------------------------------------+------------------------------------- Comment(by ryandesign@…): The samba3 port is at version 3.6.6. Is that version still affected? -- Ticket URL: <https://trac.macports.org/ticket/34455#comment:2> MacPorts <http://www.macports.org/> Ports system for Mac OS
#34455: samba3 @3.2.15_2 request to add CVE-2012-1182 patch --------------------------------------+------------------------------------- Reporter: nonstop.server@… | Owner: mww@… Type: defect | Status: new Priority: High | Milestone: Component: ports | Version: Keywords: | Port: samba3 --------------------------------------+------------------------------------- Comment(by nonstop.server@…): Replying to [comment:2 ryandesign@…]: No, there are no outstanding security updates against Samba version 3.6.6.[[BR]] CVE-2012-1182 has been solved since security release 3.6.4 of Samba. {{{ ============================= Release Notes for Samba 3.6.4 April 10, 2012 ============================= This is a security release in order to address CVE-2012-1182 ("root" credential remote code execution). o CVE-2012-1182: Samba 3.0.x to 3.6.3 are affected by a vulnerability that allows remote code execution as the "root" user. Changes since 3.6.3: -------------------- o Stefan Metzmacher <metze@samba.org> *BUG 8815: PIDL based autogenerated code allows overwriting beyond of allocated array (CVE-2012-1182). }}} -- Ticket URL: <https://trac.macports.org/ticket/34455#comment:3> MacPorts <http://www.macports.org/> Ports system for Mac OS
#34455: samba3 @3.2.15_2 request to add CVE-2012-1182 patch ---------------------------------------+------------------------------------ Reporter: nonstop.server@… | Owner: mww@… Type: defect | Status: closed Priority: High | Milestone: Component: ports | Version: Resolution: fixed | Keywords: Port: samba3 | ---------------------------------------+------------------------------------ Changes (by ryandesign@…): * status: new => closed * resolution: => fixed -- Ticket URL: <https://trac.macports.org/ticket/34455#comment:4> MacPorts <http://www.macports.org/> Ports system for Mac OS
participants (1)
-
MacPorts