[MacPorts] #34455: samba3 @3.2.15_2 request to add CVE-2012-1182 patch
MacPorts
noreply at macports.org
Fri Jul 27 01:54:40 PDT 2012
#34455: samba3 @3.2.15_2 request to add CVE-2012-1182 patch
--------------------------------------+-------------------------------------
Reporter: nonstop.server@… | Owner: mww@…
Type: defect | Status: new
Priority: High | Milestone:
Component: ports | Version:
Keywords: | Port: samba3
--------------------------------------+-------------------------------------
Comment(by nonstop.server@…):
Replying to [comment:2 ryandesign@…]:
No, there are no outstanding security updates against Samba version
3.6.6.[[BR]]
CVE-2012-1182 has been solved since security release 3.6.4 of Samba.
{{{
=============================
Release Notes for Samba 3.6.4
April 10, 2012
=============================
This is a security release in order to address
CVE-2012-1182 ("root" credential remote code execution).
o CVE-2012-1182:
Samba 3.0.x to 3.6.3 are affected by a
vulnerability that allows remote code
execution as the "root" user.
Changes since 3.6.3:
--------------------
o Stefan Metzmacher <metze at samba.org>
*BUG 8815: PIDL based autogenerated code allows overwriting beyond of
allocated array (CVE-2012-1182).
}}}
--
Ticket URL: <https://trac.macports.org/ticket/34455#comment:3>
MacPorts <http://www.macports.org/>
Ports system for Mac OS
More information about the macports-tickets
mailing list