Please test. Here is a security / bug fix roll up update. This is the last 3.0 release. The 3.4 port in progress needs to shape up and get commited at some point after this.
Index: Makefile =================================================================== RCS file: /cvs/ports/net/samba/Makefile,v retrieving revision 1.106 diff -u -p -r1.106 Makefile --- Makefile 15 Sep 2009 17:37:21 -0000 1.106 +++ Makefile 11 Oct 2009 00:03:24 -0000 @@ -3,9 +3,9 @@ COMMENT-main= SMB and CIFS client and server for UNIX COMMENT-docs= additional documentation and examples for Samba -DISTNAME= samba-3.0.34 -PKGNAME-main= ${DISTNAME}p2 -FULLPKGNAME-docs= ${DISTNAME:S/-/-docs-/}p0 +DISTNAME= samba-3.0.37 +PKGNAME-main= ${DISTNAME} +FULLPKGNAME-docs= ${DISTNAME:S/-/-docs-/} SHARED_LIBS= smbclient 1.0 \ msrpc 1.0 Index: distinfo =================================================================== RCS file: /cvs/ports/net/samba/distinfo,v retrieving revision 1.15 diff -u -p -r1.15 distinfo --- distinfo 14 May 2009 17:05:46 -0000 1.15 +++ distinfo 11 Oct 2009 00:04:19 -0000 @@ -1,5 +1,5 @@ -MD5 (samba-3.0.34.tar.gz) = YkBPObs90KN9Y5bFfgTJBw== -RMD160 (samba-3.0.34.tar.gz) = 15zVRLWrK0pxMLjFLBntz8iQg+o= -SHA1 (samba-3.0.34.tar.gz) = GBBNG/UJzT/TEHwJ+mIFZm4ErBY= -SHA256 (samba-3.0.34.tar.gz) = UweT3p9BFPSzkdky4oM7ryWgBJgxdHHNdaBo8zeMKZ4= -SIZE (samba-3.0.34.tar.gz) = 24835363 +MD5 (samba-3.0.37.tar.gz) = Ee0r/vQJC9VzaxlLQ/ZyiQ== +RMD160 (samba-3.0.37.tar.gz) = Brdq4icp4QyD1q9C0DsDrWnkkQM= +SHA1 (samba-3.0.37.tar.gz) = Xsa8ZVizx5n3R+tJ+7oBnV7fDL0= +SHA256 (samba-3.0.37.tar.gz) = u2fA4T1My9hLkgDIc5OT/dmzFFtarSFpNNxnDw/OomY= +SIZE (samba-3.0.37.tar.gz) = 23416703 Index: patches/patch-Makefile_in =================================================================== RCS file: /cvs/ports/net/samba/patches/patch-Makefile_in,v retrieving revision 1.11 diff -u -p -r1.11 patch-Makefile_in --- patches/patch-Makefile_in 11 Jul 2008 11:40:33 -0000 1.11 +++ patches/patch-Makefile_in 11 Oct 2009 00:14:30 -0000 @@ -1,6 +1,6 @@ $OpenBSD: patch-Makefile_in,v 1.11 2008/07/11 11:40:33 brad Exp $ ---- Makefile.in.orig Wed May 28 08:41:11 2008 -+++ Makefile.in Fri Jul 4 00:36:10 2008 +--- Makefile.in.orig Wed Sep 30 08:21:56 2009 ++++ Makefile.in Sat Oct 10 20:04:44 2009 @@ -109,11 +109,13 @@ LOCKDIR = @lockdir@ # the directory where pid files go PIDDIR = @piddir@ @@ -32,7 +32,7 @@ $OpenBSD: patch-Makefile_in,v 1.11 2008/ PASSWD_FLAGS = -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" -DPRIVATE_DIR=\"$(PRIVATE_DIR)\" PATH_FLAGS1 = -DCONFIGFILE=\"$(CONFIGFILE)\" -DSBINDIR=\"$(SBINDIR)\" -@@ -1152,11 +1154,10 @@ bin/libaddns.a: proto_exists $(LIBADDNS_OBJ) +@@ -1159,11 +1161,10 @@ bin/libaddns.a: proto_exists $(LIBADDNS_OBJ) @echo Linking libaddns non-shared library $@ @-$(AR) -rc $@ $(LIBADDNS_OBJ) @@ -46,7 +46,7 @@ $OpenBSD: patch-Makefile_in,v 1.11 2008/ bin/libsmbclient.a: proto_exists $(LIBSMBCLIENT_OBJ) @echo Linking libsmbclient non-shared library $@ -@@ -1172,10 +1173,9 @@ bin/libsmbsharemodes.a: proto_exists $(LIBSMBSHAREMODE +@@ -1179,10 +1180,9 @@ bin/libsmbsharemodes.a: proto_exists $(LIBSMBSHAREMODE @echo Linking libsmbsharemodes non-shared library $@ @-$(AR) -rc $@ $(LIBSMBSHAREMODES_OBJ) @@ -59,7 +59,7 @@ $OpenBSD: patch-Makefile_in,v 1.11 2008/ bin/libmsrpc.a: proto_exists $(CAC_OBJ) @echo Linking libmsrpc non-shared library $@ -@@ -1623,14 +1623,14 @@ installswat: installdirs installmsg +@@ -1633,14 +1633,14 @@ installswat: installdirs installmsg installclientlib: installdirs libsmbclient @$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS) $(DESTDIR) $(LIBDIR) Index: patches/patch-docs_manpages_swat_8 =================================================================== RCS file: /cvs/ports/net/samba/patches/patch-docs_manpages_swat_8,v retrieving revision 1.6 diff -u -p -r1.6 patch-docs_manpages_swat_8 --- patches/patch-docs_manpages_swat_8 11 Jul 2008 11:40:33 -0000 1.6 +++ patches/patch-docs_manpages_swat_8 11 Oct 2009 00:16:41 -0000 @@ -1,19 +1,19 @@ $OpenBSD: patch-docs_manpages_swat_8,v 1.6 2008/07/11 11:40:33 brad Exp $ ---- ../docs/manpages/swat.8.orig Thu Jul 3 22:20:31 2008 -+++ ../docs/manpages/swat.8 Thu Jul 3 22:22:36 2008 -@@ -103,49 +103,6 @@ will be appended (e\.g\. log\.smbclient, log\.smbd, et +--- ../docs/manpages/swat.8.orig Wed Sep 30 08:28:45 2009 ++++ ../docs/manpages/swat.8 Sat Oct 10 20:14:20 2009 +@@ -261,49 +261,6 @@ will be appended (e\&.g\&. log\&.smbclient, log\&.smbd .RS 4 - Print a summary of command line options\. + Print a summary of command line options\&. .RE -.SH "INSTALLATION" -.PP --Swat is included as binary package with most distributions\. The package manager in this case takes care of the installation and configuration\. This section is only for those who have compiled swat from scratch\. +-Swat is included as binary package with most distributions\&. The package manager in this case takes care of the installation and configuration\&. This section is only for those who have compiled swat from scratch\&. -.PP -After you compile SWAT you need to run --make install +-\FCmake install \F[] -to install the --swat --binary and the various help files and images\. A default install would put these in: +-\FCswat\F[] +-binary and the various help files and images\&. A default install would put these in: -.sp -.RS 4 -.ie n \{\ @@ -51,30 +51,30 @@ $OpenBSD: patch-docs_manpages_swat_8,v 1 .SS "Inetd Installation" .PP You need to edit your -@@ -173,7 +130,7 @@ In - \fI/etc/inetd\.conf\fR +@@ -331,7 +288,7 @@ In + \FC/etc/inetd\&.conf\F[] you should add a line like this: .PP --swat stream tcp nowait\.400 root /usr/local/samba/sbin/swat swat -+swat stream tcp nowait\.400 root ${PREFIX}/libexec/swat swat +-\FCswat stream tcp nowait\&.400 root /usr/local/samba/sbin/swat swat\F[] ++\FCswat stream tcp nowait\&.400 root ${PREFIX}/libexec/swat swat\F[] .PP Once you have edited - \fI/etc/services\fR -@@ -199,14 +156,12 @@ This file must contain suitable startup information fo - This file must contain a mapping of service name (e\.g\., swat) to service port (e\.g\., 901) and protocol type (e\.g\., tcp)\. + \FC/etc/services\F[] +@@ -357,14 +314,12 @@ This file must contain suitable startup information fo + This file must contain a mapping of service name (e\&.g\&., swat) to service port (e\&.g\&., 901) and protocol type (e\&.g\&., tcp)\&. .RE .PP --\fI/usr/local/samba/lib/smb\.conf\fR -+\fI${SYSCONFDIR}/samba/smb\.conf\fR +-\FC/usr/local/samba/lib/smb\&.conf\F[] ++\FC${SYSCONFDIR}/samba/smb\&.conf\F[] .RS 4 This is the default location of the \fBsmb.conf\fR(5) --server configuration file that swat edits\. Other common places that systems install this file are --\fI /usr/samba/lib/smb\.conf\fR +-server configuration file that swat edits\&. Other common places that systems install this file are +-\FC /usr/samba/lib/smb\&.conf\F[] -and --\fI/etc/smb\.conf \fR\. This file describes all the services the server is to make available to clients\. -+server configuration file that swat edits\. -+This file describes all the services the server is to make available to clients\. +-\FC/etc/smb\&.conf \F[]\&. This file describes all the services the server is to make available to clients\&. ++server configuration file that swat edits\&. ++This file describes all the services the server is to make available to clients\&. .RE .SH "WARNINGS" .PP Index: patches/patch-smbd_posix_acls_c =================================================================== RCS file: patches/patch-smbd_posix_acls_c diff -N patches/patch-smbd_posix_acls_c --- patches/patch-smbd_posix_acls_c 30 Jun 2009 21:38:38 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,15 +0,0 @@ -$OpenBSD: patch-smbd_posix_acls_c,v 1.1 2009/06/30 21:38:38 naddy Exp $ - -Resolve CVE-2009-1888 - ---- smbd/posix_acls.c.orig Tue Nov 18 10:37:41 2008 -+++ smbd/posix_acls.c Mon Jun 29 19:14:43 2009 -@@ -2296,6 +2296,8 @@ static BOOL acl_group_override(connection_struct *conn - { - SMB_STRUCT_STAT sbuf; - -+ ZERO_STRUCT(sbuf); -+ - if ((errno != EPERM) && (errno != EACCES)) { - return False; - } Index: pkg/PLIST-main =================================================================== RCS file: /cvs/ports/net/samba/pkg/PLIST-main,v retrieving revision 1.9 diff -u -p -r1.9 PLIST-main --- pkg/PLIST-main 14 May 2009 17:05:46 -0000 1.9 +++ pkg/PLIST-main 11 Oct 2009 00:47:35 -0000 @@ -71,7 +71,6 @@ libexec/swat @man man/man7/libsmbclient.7 @man man/man7/pam_winbind.7 @man man/man7/samba.7 -...@man man/man8/cifs.upcall.8 @man man/man8/eventlogadm.8 @man man/man8/idmap_ad.8 @man man/man8/idmap_ldap.8 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.