elrond | 4 Dec 13:57 2007

cvs commit: tng/source/nmbd nmbd_packets.c nmbd_processlogon.c

elrond      2007/12/04 13:57:32 CET

Modified files:
   source/nmbd            nmbd_packets.c nmbd_processlogon.c 
CVE-2007-4572: Buffer overflow in nmbd/process_logon

Yet some other buffer overflow in nmbd.

While there added a check in nmbd_packets.c.

Revision  Changes                                Path
1.18      +8 -2;  commitid: SQNPAvK8BoFd47Is;    tng/source/nmbd/nmbd_packets.c
1.13      +33 -18;  commitid: SQNPAvK8BoFd47Is;  tng/source/nmbd/nmbd_processlogon.c

elrond | 5 Dec 14:13 2007

cvs commit: tng/debian changelog rules

elrond      2007/12/05 14:13:01 CET

Modified files:
   debian                 changelog rules 
Debian: Do not build with quotas, until we fix them

Revision  Changes                              Path
1.41      +1 -0;  commitid: gpDSWAzR1Qxk8fIs;  tng/debian/changelog
1.22      +1 -1;  commitid: gpDSWAzR1Qxk8fIs;  tng/debian/rules

elrond | 5 Dec 21:39 2007

cvs commit: tng/source Makefile.in

elrond      2007/12/05 21:39:15 CET

Modified files:
   source                 Makefile.in 
Added "make dist-opensuse-buildservice" feature

We're in an ongoing process to use opensuse's buildservice
to build packages for various systems.
They even have Debian Etch on their build lists and most of
make dist-opensuse-buildservice is to prepare some faked
samba-tng.dsc for that target.
They have some specialities, which are not stricly like
normal debian. I have not asked for details. Stephan
Lauffer is caring for most of this.

Revision  Changes                               Path
1.153     +21 -0;  commitid: SYChTdJ7hdTmyhIs;  tng/source/Makefile.in

elrond | 14 Dec 01:23 2007

cvs commit: tng/source/lib util.c tng/source/libsmb namequery.c tng/source/nmbd nmbd_packets.c

elrond      2007/12/14 01:23:41 CET

Modified files:
   source/lib             util.c 
   source/libsmb          namequery.c 
   source/nmbd            nmbd_packets.c 
CVE-2007-6015: Yet more nmb issues

I think, this problem doesn't affect TNG with the fix for
CVE-2007-4572 applied to worse, as that fix already
contained a smaller version of the problem addressed here.

While there some little typing thingies on set_message.

My personal guess is, that this isn't the last nmb problem
we'll see.

Revision  Changes                              Path
1.67      +6 -4;  commitid: wMWDxvuL4a7pzkJs;  tng/source/lib/util.c
1.20      +8 -1;  commitid: wMWDxvuL4a7pzkJs;  tng/source/libsmb/namequery.c
1.19      +8 -7;  commitid: wMWDxvuL4a7pzkJs;  tng/source/nmbd/nmbd_packets.c