At 09:50 12/12/2007, Remko Lodder wrote: >W. D. wrote: >> At 02:01 12/12/2007, Remko Lodder wrote: >>> W. D. wrote: >>>> ...Vulnerability - CVE-2007-6015" >>>> >>>> http://www.freshports.org/net/samba3/ >>>> >>>> >============================================================================ >>>> *samba3 3.0.26a_2,1* net <http://www.freshports.org/net/> >>>> <http://www.freshports.org/faq.php#watchlistcount> =220 >>>> >>> ><http://www.freshports.org/search.php?stype=depends_all&method=match&q>>uery=net/samba3> >>>> FORBIDDEN: "Remote Code Execution Vulnerability - CVE-2007-6015" >>>> IGNORE: is forbidden: "Remote Code Execution Vulnerability - CVE-2007-6015" >>>> >============================================================================ >>>> >>>> >============================================================================ >>>> 11 Dec 2007 22:39:55 >>>> *3.0.26a_2,1* remko <mailto:[EMAIL PROTECTED]> >>>> >>> ><http://www.freshports.org/search.php?stype=committer&method=exact&query=remko> >>>> >>>> Make Samba forbidden till Timur had the time to upgrade this, >>>> because >>>> samba appears to be vulnerable to remote code execution which could harm >>>> our users. >>>> >>>> This will be removed after we have a safe version to which we can >>>> upgrade. >>>> >>>> Hat: >>>> secteam >>>> Discussed with and requested >>>> by: timur >>>> >>>> >============================================================================ >>>> >>>> Dang! When will this be fixed? >>>> >>>> >>> Soon, there are patches available, we just need to make sure that it >>> doesn't bite anything while we are in a ports-slush, hence the FORBIDDEN >>> part. >>> >>> Best regards, >>> Remko >> >> Hours? Days? Weeks? >> > >The freebsd port will be up to date as soon as possible, there are fixes >available already on the Samba websites.. > >Best regards, >remko
Well, it's been 2 days now. When will the code be updated in the FreeBSD ports? The version on the Samba website is 3.0.28. (http://www.Samba.org/) Why is the FreeBSD ports version stuck at 3.0.26a_2,1? If there are fixes available already on the Samba websites, why can't they be integrated into the ports? I neet to get a fileserver going right away. I would like to use Samba. Perhaps I should just load Windows on it? It seems to me that leaving a port broken like this is very "unprofessional". I would expect more from the folks maintaing FreeBSD. When is it going to be fixed? Does "soon" mean this century? This year? When? Start Here to Find It Fast! -> http://www.US-Webmasters.com/best-start-page/ $8.77 Domain Names -> http://domains.us-webmasters.com/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"