---
- branch: MAIN
  date: Mon Aug 12 02:47:32 UTC 2013
  files:
  - new: '1.31'
    old: '1.30'
    path: pkgsrc/net/samba35/Makefile
    pathrev: pkgsrc/net/samba35/Makefile@1.31
    type: modified
  - new: '1.16'
    old: '1.15'
    path: pkgsrc/net/samba35/distinfo
    pathrev: pkgsrc/net/samba35/distinfo@1.16
    type: modified
  - new: '1.6'
    old: '1.5'
    path: pkgsrc/net/samba35/patches/patch-af
    pathrev: pkgsrc/net/samba35/patches/patch-af@1.6
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/net/samba35/patches/patch-ah
    pathrev: pkgsrc/net/samba35/patches/patch-ah@1.3
    type: modified
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/net/samba35/patches/patch-av
    pathrev: pkgsrc/net/samba35/patches/patch-av@1.3
    type: modified
  - new: '1.2'
    old: 1.1.1.1
    path: pkgsrc/net/samba35/patches/patch-ap
    pathrev: pkgsrc/net/samba35/patches/patch-ap@1.2
    type: modified
  - new: '1.2'
    old: 1.1.1.1
    path: pkgsrc/net/samba35/patches/patch-aw
    pathrev: pkgsrc/net/samba35/patches/patch-aw@1.2
    type: modified
  - new: '1.4'
    old: '1.3'
    path: pkgsrc/net/samba35/patches/patch-aq
    pathrev: pkgsrc/net/samba35/patches/patch-aq@1.4
    type: modified
  - new: '1.2'
    old: '1.1'
    path: pkgsrc/net/samba35/patches/patch-ba
    pathrev: pkgsrc/net/samba35/patches/patch-ba@1.2
    type: modified
  - new: '1.2'
    old: '1.1'
    path: pkgsrc/net/samba35/patches/patch-bb
    pathrev: pkgsrc/net/samba35/patches/patch-bb@1.2
    type: modified
  id: 20130812T024732Z.f850ed6bd86da2ac6055a206fe6e97af19dc96c0
  log: "Update samba35 to 3.5.22, security release.\n\n                   ==============================\n
    \                  Release Notes for Samba 3.5.22\n\t\t\t  August 05, 2013\n                   ==============================\n\nThis
    is a security release in order to address\nCVE-2013-4124 (Missing integer wrap
    protection in EA list reading can cause\nserver to loop with DOS).\n\no  CVE-2013-4124:\n
    \  All current released versions of Samba are vulnerable to a denial of\n   service
    on an authenticated or guest connection. A malformed packet\n   can cause the
    smbd server to loop the CPU performing memory\n   allocations and preventing any
    further service.\n\n   A connection to a file share, or a local account is needed
    to exploit\n   this problem, either authenticated or unauthenticated if guest\n
    \  connections are allowed.\n\n   This flaw is not exploitable beyond causing
    the code to loop\n   allocating memory, which may cause the machine to exceed
    memory\n   limits.\n\nChanges since 3.5.21:\n---------------------\n\no   Jeremy
    Allison <jra@samba.org>\n    * BUG 10010: CVE-2013-4124: Missing integer wrap
    protection in EA list\n      reading can cause server to loop with DOS.\n"
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/net/samba35'
  unixtime: '1376275652'
  user: taca