From timur@gnu.org  Thu Jul 15 21:44:33 2004
Return-Path: <timur@gnu.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4780416A4D1
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 15 Jul 2004 21:44:33 +0000 (GMT)
Received: from mail.bat.ru (dzokonda.xs4all.nl [194.109.164.75])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 35C4443D58
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 15 Jul 2004 21:44:32 +0000 (GMT)
	(envelope-from timur@gnu.org)
Received: from timur.home.bat.ru ([192.168.0.4] verified)
  by mail.bat.ru (CommuniGate Pro SMTP 4.2b7)
  with ESMTP-TLS id 346210 for FreeBSD-gnats-submit@freebsd.org; Thu, 15 Jul 2004 23:46:35 +0200
Received: (from timur@localhost)
	by timur.home.bat.ru (8.12.11/8.12.11/Submit) id i6FLiTBl042910
	for FreeBSD-gnats-submit@freebsd.org; Thu, 15 Jul 2004 23:44:29 +0200 (CEST)
	(envelope-from timur@gnu.org)
Message-Id: <20040715214429.GA42878@timur.home.bat.ru>
Date: Thu, 15 Jul 2004 23:44:29 +0200
From: "Timur I. Bakeyev" <timur@gnu.org>
Reply-To: "Timur I. Bakeyev" <timur@gnu.org>
To: FreeBSD-gnats-submit@freebsd.org
Subject: Security update for net/samba3
X-Send-Pr-Version: 3.113

>Number:         69131
>Category:       ports
>Synopsis:       Security update for net/samba3
>Confidential:   yes
>Severity:       critical
>Priority:       high
>Responsible:    trhodes
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jul 15 21:50:14 GMT 2004
>Closed-Date:    Sun Aug 22 06:01:44 GMT 2004
>Last-Modified:  Sun Aug 22 06:01:44 GMT 2004
>Originator:     Timur I. Bakeyev
>Release:        FreeBSD 5.2-CURRENT i386
>Organization:
>Environment:
System: FreeBSD timur.home.bat.ru 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Tue Apr 6 20:29:11 CEST 2004 root@timur.home.bat.ru:/usr/src/sys/i386/compile/COMMON i386

>Description:

	This patch effectivelly updates net/samba3 to 3.0.5 version, which
	is a security fix for the 3.0.4.

>How-To-Repeat:

>Fix:
	
	Attached file contains the patch against the current port.















From: "Timur I. Bakeyev" <timur@com.bat.ru>
To: freebsd
Cc: 
Bcc: 
Subject: t
Reply-To: 
X-Organization: RIPE Network Coordination Centre
X-Phone: +31 20 535 4444
X-Fax:   +31 20 535 4445
X-WWW: http://www.ripe.net


--WIyZ46R2i8wDzkSu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="samba.diff"

Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/net/samba3/Makefile,v
retrieving revision 1.124
diff -u -u -r1.124 Makefile
--- Makefile	3 Jul 2004 12:46:41 -0000	1.124
+++ Makefile	15 Jul 2004 21:08:20 -0000
@@ -7,7 +7,7 @@
 
 PORTNAME=		samba
 PORTVERSION=		3.0.4
-PORTREVISION?=		3
+PORTREVISION?=		4
 PORTEPOCH?=		1
 CATEGORIES?=		net
 MASTER_SITES=		${MASTER_SITE_SAMBA}
Index: files/patch-lib_util_str.c
===================================================================
RCS file: /home/ncvs/ports/net/samba3/files/patch-lib_util_str.c,v
retrieving revision 1.1
diff -u -u -r1.1 patch-lib_util_str.c
--- files/patch-lib_util_str.c	18 May 2004 14:52:47 -0000	1.1
+++ files/patch-lib_util_str.c	15 Jul 2004 21:05:01 -0000
@@ -1,6 +1,36 @@
---- lib/util_str.c.orig	Tue Apr 20 22:42:55 2004
-+++ lib/util_str.c	Fri May 14 02:02:30 2004
-@@ -1980,10 +1980,16 @@
+--- lib/util_str.c.orig	Thu Jul 15 22:49:39 2004
++++ lib/util_str.c	Thu Jul 15 23:03:08 2004
+@@ -1980,7 +1980,9 @@
+ 		s++; i++;
+ 	}
+ 
+-	if (*s == '=') n -= 1;
++	if ((n > 0) && (*s == '=')) {
++		n -= 1;
++	}
+ 
+ 	/* fix up length */
+ 	decoded.length = n;
+@@ -1993,9 +1995,15 @@
+ void base64_decode_inplace(char *s)
+ {
+ 	DATA_BLOB decoded = base64_decode_data_blob(s);
+-	memcpy(s, decoded.data, decoded.length);
+-	/* null terminate */
+-	s[decoded.length] = '\0';
++
++	if ( decoded.length != 0 ) {
++		memcpy(s, decoded.data, decoded.length);
++
++		/* null terminate */
++		s[decoded.length] = '\0';
++	} else {
++		*s = '\0';
++	}
+ 
+ 	data_blob_free(&decoded);
+ }
+@@ -2009,10 +2017,16 @@
  {
  	int bits = 0;
  	int char_count = 0;

--WIyZ46R2i8wDzkSu--
>Release-Note:
>Audit-Trail:

From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
To: Timur I.Bakeyev <timur@gnu.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org,
	Tom Rhodes <trhodes@FreeBSD.org>
Subject: Re: ports/69131: Security update for net/samba3
Date: Fri, 16 Jul 2004 01:20:02 +0200

 Timur I. Bakeyev wrote:
 
 >> Number:         69131
 >> Category:       ports
 >> Synopsis:       Security update for net/samba3
 >> [...]
 >> Description:
 >
 > 	This patch effectivelly updates net/samba3 to 3.0.5 version, which
 > 	is a security fix for the 3.0.4.
 
 Could you give us a reference to the vulnerability fixed, or better yet 
 provide an entry for the vulnerability database?
 
 Thanks
 -Oliver
 

From: "Timur I. Bakeyev" <timur@com.bat.ru>
To: Oliver Eikemeier <eikemeier@fillmore-labs.com>,
	"Timur I. Bakeyev" <timur@gnu.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org,
	Tom Rhodes <trhodes@FreeBSD.org>
Subject: Re: ports/69131: Security update for net/samba3
Date: Fri, 16 Jul 2004 12:55:10 +0200

 Hi Oliver!
 
 On Fri, 16 Jul 2004 01:20:02 +0200
   Oliver Eikemeier <eikemeier@fillmore-labs.com> wrote:
 > Timur I. Bakeyev wrote:
 >>
 >> 	This patch effectivelly updates net/samba3 to 3.0.5 
 >>version, which
 >> 	is a security fix for the 3.0.4.
 > 
 > Could you give us a reference to the vulnerability 
 >fixed, or better yet provide an entry for the 
 >vulnerability database?
 
 Can't you just trust me ;)?
 
 Ok, ok, I'll forward you vendor update :) As you 
 understand, it's not public yet, so, keep it in a cool dry 
 place :)
 
 And I don't know how to make an entry for the 
 vulnerabilities DB :( So, can you please do it yourself?
 
 With regards,
 Timur.
Responsible-Changed-From-To: freebsd-ports-bugs->trhodes 
Responsible-Changed-By: pav 
Responsible-Changed-When: Sat Jul 17 21:19:38 GMT 2004 
Responsible-Changed-Why:  
Over to volunteer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=69131 

From: "Timur I. Bakeyev" <timur@gnu.org>
To: Tom Rhodes <trhodes@FreeBSD.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org, secteam@FreeBSD.org
Subject: Re: ports/69131: Security update for net/samba3
Date: Wed, 21 Jul 2004 01:37:31 +0200

 --jRHKVT23PllUwdXP
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 Hi all!
 
 This is the final update for the net/samba3. See attached
 files.
 
 As usual, please do not release any packages based on
 this until you see the official announcement on samba.org or
 on one of the samba mailing lists. The official release is
 slated for tomorrow, July 21, 6am GMT-6.
 
 Summary:       Multiple Potential Buffer Overruns in Samba 3.0.x
 CVE ID:        CAN-2004-0600, CAN-2004-0686
 ~               (http://cve.mitre.org/)
 
 With best regards,
 Timur Bakeyev.
 
 --jRHKVT23PllUwdXP
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.2.4 (FreeBSD)
 
 iD8DBQFA/ay4C/BkEmC6H0cRAnTaAJ9LuKTrjB2vGeTeSzoo88FtudLJXQCggNLQ
 uGH43BPLXSCcBgPxJ92xWG0=
 =k2eM
 -----END PGP SIGNATURE-----
 
 --jRHKVT23PllUwdXP--

From: Tom Rhodes <trhodes@FreeBSD.org>
To: "Timur I. Bakeyev" <timur@gnu.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org, secteam@FreeBSD.org
Subject: Re: ports/69131: Security update for net/samba3
Date: Wed, 21 Jul 2004 01:24:01 -0400

 On Wed, 21 Jul 2004 01:37:31 +0200
 "Timur I. Bakeyev" <timur@gnu.org> wrote:
 
 > Hi all!
 > 
 > This is the final update for the net/samba3. See attached
 > files.
 > 
 > As usual, please do not release any packages based on
 > this until you see the official announcement on samba.org or
 > on one of the samba mailing lists. The official release is
 > slated for tomorrow, July 21, 6am GMT-6.
 
 I see no files attached, does the one in the PR still remain
 the same?
 
 
 -- 
 Tom Rhodes

From: "Timur I. Bakeyev" <timur@com.bat.ru>
To: Tom Rhodes <trhodes@FreeBSD.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org, secteam@FreeBSD.org
Subject: Re: ports/69131: Security update for net/samba3
Date: Wed, 21 Jul 2004 08:56:03 +0200

 --CdrF4e02JqNVZeln
 Content-Type: multipart/mixed; boundary="M9NhX3UHpAaciwkO"
 Content-Disposition: inline
 
 
 --M9NhX3UHpAaciwkO
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On Wed, Jul 21, 2004 at 01:24:01AM -0400, Tom Rhodes wrote:
 >=20
 > I see no files attached, does the one in the PR still remain
 > the same?
 
 He-he, as usual - forgot to attach the most necessary part :)))
 
 With regards,
 Timur.
 
 --M9NhX3UHpAaciwkO
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="samba.diff"
 Content-Transfer-Encoding: quoted-printable
 
 Index: Makefile
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /home/ncvs/ports/net/samba3/Makefile,v
 retrieving revision 1.124
 diff -u -r1.124 Makefile
 --- Makefile	3 Jul 2004 12:46:41 -0000	1.124
 +++ Makefile	20 Jul 2004 20:17:27 -0000
 @@ -6,8 +6,8 @@
  #
 =20
  PORTNAME=3D		samba
 -PORTVERSION=3D		3.0.4
 -PORTREVISION?=3D		3
 +PORTVERSION=3D		3.0.5
 +PORTREVISION?=3D		0
  PORTEPOCH?=3D		1
  CATEGORIES?=3D		net
  MASTER_SITES=3D		${MASTER_SITE_SAMBA}
 @@ -252,7 +252,7 @@
  # Based on patch from miraclelinux.com.
  # http://www.miraclelinux.com/english/technet/samba30/index.html
  PATCH_SITES=3D	http://dist.bsdlab.org/
 -PATCHFILES=3D	samba-${PORTVERSION}-i18n-20040521.bz2
 +PATCHFILES=3D	samba-3.0.4-i18n-20040521.bz2
  PATCH_DIST_STRIP=3D	-p1
  PLIST_SUB+=3D		I18N=3D""
  .else
 Index: distinfo
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /home/ncvs/ports/net/samba3/distinfo,v
 retrieving revision 1.54
 diff -u -r1.54 distinfo
 --- distinfo	3 Jun 2004 07:57:07 -0000	1.54
 +++ distinfo	20 Jul 2004 20:19:36 -0000
 @@ -1,4 +1,4 @@
 -MD5 (samba-3.0.4.tar.gz) =3D 0156265c1e95ac662deef386f615504f
 -SIZE (samba-3.0.4.tar.gz) =3D 15046252
 +MD5 (samba-3.0.5.tar.gz) =3D 5896ad33676e3c26efaab5dcd897c466
 +SIZE (samba-3.0.5.tar.gz) =3D 15076996
  MD5 (samba-3.0.4-i18n-20040521.bz2) =3D 24158c2fd00b47ff5b0bcad23cae16e1
  SIZE (samba-3.0.4-i18n-20040521.bz2) =3D 18982
 
 --M9NhX3UHpAaciwkO--
 
 --CdrF4e02JqNVZeln
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.2.4 (FreeBSD)
 
 iD8DBQFA/hOBC/BkEmC6H0cRAj8zAJ4sG6kS04VpXtyd2Erd4I9DeRzFuQCgmUzR
 6jNyvuF/sVD5F343PpDR/FI=
 =Vg6a
 -----END PGP SIGNATURE-----
 
 --CdrF4e02JqNVZeln--
State-Changed-From-To: open->feedback 
State-Changed-By: linimon 
State-Changed-When: Sun Aug 22 05:56:08 GMT 2004 
State-Changed-Why:  
Has there been any progress on this one? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=69131 
State-Changed-From-To: feedback->closed 
State-Changed-By: trhodes 
State-Changed-When: Sun Aug 22 06:01:14 GMT 2004 
State-Changed-Why:  
My bad, this should have been closed awhile ago.  Thanks 
for pointing this out to me Mark. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=69131 
>Unformatted:
 --WIyZ46R2i8wDzkSu
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 
