Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id 3D056A5802 for ; Mon, 17 Mar 2014 14:02:01 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 8294014A19B; Mon, 17 Mar 2014 14:02:00 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id B3EC214A19A for ; Mon, 17 Mar 2014 14:01:57 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id sOaPFs4Nkm2O for ; Mon, 17 Mar 2014 14:01:57 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 396C614A198 for ; Mon, 17 Mar 2014 14:01:57 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 2EEF796; Mon, 17 Mar 2014 14:01:57 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Mon, 17 Mar 2014 14:01:57 +0000 From: "Takahiro Kambe" Subject: CVS commit: pkgsrc/net/samba To: pkgsrc-changes@NetBSD.org Reply-To: taca@netbsd.org X-Mailer: log_accum Message-Id: <20140317140157.2EEF796@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: taca Date: Mon Mar 17 14:01:57 UTC 2014 Modified Files: pkgsrc/net/samba: Makefile distinfo Log Message: Update samba to 3.6.23. ============================== Release Notes for Samba 3.6.23 March 11, 2014 ============================== This is a security release in order to address CVE-2013-4496 (Password lockout not enforced for SAMR password changes). o CVE-2013-4496: Samba versions 3.4.0 and above allow the administrator to implement locking out Samba accounts after a number of bad password attempts. However, all released versions of Samba did not implement this check for password changes, such as are available over multiple SAMR and RAP interfaces, allowing password guessing attacks. To generate a diff of this commit: cvs rdiff -u -r1.246 -r1.247 pkgsrc/net/samba/Makefile cvs rdiff -u -r1.97 -r1.98 pkgsrc/net/samba/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.