diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2020-01-29 13:13:05 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2020-01-29 13:13:05 +0000 |
| commit | 76aa389dc76e9ee3bc437d860cc5f28448dfdaaf (patch) | |
| tree | 46fc0bf2a60a63e1b8a47d534e10cb257f5dc605 | |
| parent | 43e08b3b19736417ba09ef9df29e7c747902e1b9 (diff) | |
| download | pkgsrc-76aa389dc76e9ee3bc437d860cc5f28448dfdaaf.tar.gz | |
Pullup ticket #6125 - requested by taca
net/samba4: security fix
Revisions pulled up:
- net/samba4/Makefile 1.86-1.89
- net/samba4/PLIST 1.25
- net/samba4/distinfo 1.39-1.41
- net/samba4/patches/patch-source4_utils_oLschema2ldif_wscript__build 1.1
---
Module Name: pkgsrc
Committed By: adam
Date: Mon Dec 30 13:58:35 UTC 2019
Modified Files:
pkgsrc/net/samba4: Makefile PLIST distinfo
Log Message:
samba4: updated to 4.11.4
Changes since 4.11.3:
* BUG 14161: s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode
number.
* BUG 14174: s3: utils: smbtree. Ensure we don't call cli_RNetShareEnum()
on an SMB1 connection.
* BUG 14176: NT_STATUS_ACCESS_DENIED becomes EINVAL when using SMB2 in
SMBC_opendir_ctx.
* BUG 14189: s3: smbd: SMB2 - Ensure we use the correct session_id if
encrypting an interim response.
* BUG 14205: Prevent smbd crash after invalid SMB1 negprot.
* BUG 13745: s3:printing: Fix %J substition.
* BUG 13925: s3: Remove now unneeded call to cmdline_messaging_context().
* BUG 14069: Incomplete conversion of former parametric options.
* BUG 14070: Fix sync dosmode fallback in async dosmode codepath.
* BUG 14171: vfs_fruit returns capped resource fork length.
* BUG 14116: libnet_join: Add SPNs for additional-dns-hostnames entries.
* BUG 14211: smbd: Increase a debug level.
* BUG 14153: Prevent azure ad connect from reporting discovery errors:
reference-value-not-ldap-conformant.
* BUG 14179: krb5_plugin: Fix developer build with newer heimdal system
library.
* BUG 14168: replace: Only link libnsl and libsocket if requrired.
* BUG 14175: ctdb: Incoming queue can be orphaned causing communication
breakdown.
* BUG 13846: ldb: Release ldb 2.0.8. Cross-compile will not take
cross-answers or cross-execute.
* BUG 13856: heimdal-build: Avoid hard-coded /usr/include/heimdal in
asn1_compile-generated code.
---
Module Name: pkgsrc
Committed By: jperkin
Date: Wed Jan 8 10:40:03 UTC 2020
Modified Files:
pkgsrc/net/samba4: distinfo
Added Files:
pkgsrc/net/samba4/patches:
patch-source4_utils_oLschema2ldif_wscript__build
Log Message:
samba4: Disable more fmemopen utilities on SunOS.
---
Module Name: pkgsrc
Committed By: jperkin
Date: Sat Jan 18 21:51:16 UTC 2020
Modified Files:
pkgsrc/net/samba4: Makefile
Log Message:
*: Recursive revision bump for openssl 1.1.1.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Jan 21 14:12:36 UTC 2020
Modified Files:
pkgsrc/net/samba4: Makefile distinfo
Log Message:
net/samba4: update to 4.11.5
Update samba4 to 4.11.5.
==============================
Release Notes for Samba 4.11.5
January 21, 2020
==============================
This is a security release in order to address the following defects:
o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
Directory not automatic.
o CVE-2019-14907: Crash after failed character conversion at log level 3 or
above.
o CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.
=======
Details
=======
o CVE-2019-14902:
The implementation of ACL inheritance in the Samba AD DC was not complete,
and so absent a 'full-sync' replication, ACLs could get out of sync between
domain controllers.
o CVE-2019-14907:
When processing untrusted string input Samba can read past the end of the
allocated buffer when printing a "Conversion error" message to the logs.
o CVE-2019-19344:
During DNS zone scavenging (of expired dynamic entries) there is a read of
memory after it has been freed.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jan 27 14:04:13 UTC 2020
Modified Files:
pkgsrc/net/samba4: Makefile
Log Message:
net/samba4: update depdendency
Update dependency for daabases/ldb and devel/talloc.
Bump PKGREVISION.
| -rw-r--r-- | net/samba4/Makefile | 8 | ||||
| -rw-r--r-- | net/samba4/PLIST | 3 | ||||
| -rw-r--r-- | net/samba4/distinfo | 11 | ||||
| -rw-r--r-- | net/samba4/patches/patch-source4_utils_oLschema2ldif_wscript__build | 24 |
4 files changed, 37 insertions, 9 deletions
diff --git a/net/samba4/Makefile b/net/samba4/Makefile index a73a368b70d..c77c2725dcb 100644 --- a/net/samba4/Makefile +++ b/net/samba4/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.85 2019/12/10 13:03:41 adam Exp $ +# $NetBSD: Makefile,v 1.85.4.1 2020/01/29 13:13:05 bsiegert Exp $ -DISTNAME= samba-4.11.3 +DISTNAME= samba-4.11.5 +PKGREVISION= 1 CATEGORIES= net MASTER_SITES= https://download.samba.org/pub/samba/stable/ @@ -205,13 +206,14 @@ REPLACE_PYTHON+= source4/scripting/bin/* .endif .include "../../archivers/libarchive/buildlink3.mk" .include "../../converters/libiconv/buildlink3.mk" +BUILDLINK_API_DEPENDS.ldb+= ldb>=2.0.8 .include "../../databases/ldb/buildlink3.mk" .include "../../databases/lmdb/buildlink3.mk" .include "../../devel/cmocka/buildlink3.mk" .include "../../devel/gettext-lib/buildlink3.mk" .include "../../devel/popt/buildlink3.mk" .include "../../devel/readline/buildlink3.mk" -BUILDLINK_API_DEPENDS.talloc+= talloc>=2.1.9 +BUILDLINK_API_DEPENDS.talloc+= talloc>=2.2.0 .include "../../devel/talloc/buildlink3.mk" .include "../../devel/tevent/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" diff --git a/net/samba4/PLIST b/net/samba4/PLIST index 0f5bc134f20..1673ec1dd98 100644 --- a/net/samba4/PLIST +++ b/net/samba4/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.24 2019/11/10 17:01:58 adam Exp $ +@comment $NetBSD: PLIST,v 1.24.4.1 2020/01/29 13:13:05 bsiegert Exp $ bin/cifsdd bin/dbwrap_tool bin/dumpmscat @@ -500,6 +500,7 @@ ${PYSITELIB}/samba/tests/security.py ${PYSITELIB}/samba/tests/segfault.py ${PYSITELIB}/samba/tests/smb.py ${PYSITELIB}/samba/tests/smbd_base.py +${PYSITELIB}/samba/tests/smbd_fuzztest.py ${PYSITELIB}/samba/tests/source.py ${PYSITELIB}/samba/tests/strings.py ${PYSITELIB}/samba/tests/subunitrun.py diff --git a/net/samba4/distinfo b/net/samba4/distinfo index a8fdea53571..66092899038 100644 --- a/net/samba4/distinfo +++ b/net/samba4/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.38 2019/12/10 13:03:41 adam Exp $ +$NetBSD: distinfo,v 1.38.4.1 2020/01/29 13:13:05 bsiegert Exp $ -SHA1 (samba-4.11.3.tar.gz) = cd90090cbe834d9aa86b065eca4dbf3ff7e521f4 -RMD160 (samba-4.11.3.tar.gz) = 81e0b803f97b640882f0dfc6d83c331aaddc9015 -SHA512 (samba-4.11.3.tar.gz) = 11882791cf7c4e3155e50732c8b0858312caf9ce90767fa2703cb3bbe41e981035a0e14e658e9f51b67bdf1882cb9bc987a32f4515ae8a9ad0da3270629abe8b -Size (samba-4.11.3.tar.gz) = 18520441 bytes +SHA1 (samba-4.11.5.tar.gz) = d06abddcbb5ec1800f30ac2f9b760515e3f2f2ce +RMD160 (samba-4.11.5.tar.gz) = 137535478b546f364f2c2410ada2ff5289c202fa +SHA512 (samba-4.11.5.tar.gz) = b81edc4563e87c0d4fd7b3ed659def80980c961d0b9cf09be42f0a1334f823f8cf3cd5d57315451c0b7af2489a5fa1af8410cd65f6dc521aad0c5aa7014327c6 +Size (samba-4.11.5.tar.gz) = 18534895 bytes SHA1 (patch-buildtools_wafsamba_samba__conftests.py) = d927db17124d2bb5b382885e70a41f84c3929926 SHA1 (patch-buildtools_wafsamba_samba__install.py) = d801340617da325e3bb70a90350e45cc8e383c2d SHA1 (patch-buildtools_wafsamba_samba__pidl.py) = a7cc41a55ce032c3fe1e0b660f88fa7871710e0e @@ -31,4 +31,5 @@ SHA1 (patch-source4_dsdb_samdb_ldb__modules_wscript__build__server) = c322cf5699 SHA1 (patch-source4_heimdal__build_roken.h) = ee535f8e7cc46a3487d95bc859438c476a88fe60 SHA1 (patch-source4_heimdal_include_heim__threads.h) = c93e0c80790ea2045333822c80e66d371bf2249c SHA1 (patch-source4_scripting_wsript_build) = bd4feddcaadf1c3d2d25eb7914e7b5843e4e9511 +SHA1 (patch-source4_utils_oLschema2ldif_wscript__build) = b0cbbcd4ebedd443dc9f9a59d1dad2e039bb9663 SHA1 (patch-third__party_socket__wrapper_socket__wrapper.c) = 0cc01c932f21e9f6219fb9d204e6fdf3682938f8 diff --git a/net/samba4/patches/patch-source4_utils_oLschema2ldif_wscript__build b/net/samba4/patches/patch-source4_utils_oLschema2ldif_wscript__build new file mode 100644 index 00000000000..fdf77efb969 --- /dev/null +++ b/net/samba4/patches/patch-source4_utils_oLschema2ldif_wscript__build @@ -0,0 +1,24 @@ +$NetBSD: patch-source4_utils_oLschema2ldif_wscript__build,v 1.1.2.2 2020/01/29 13:13:05 bsiegert Exp $ + +Don't build test_oLschema2ldif on SunOS (lacks fmemopen). + +--- source4/utils/oLschema2ldif/wscript_build.orig 2019-12-06 09:49:26.000000000 +0000 ++++ source4/utils/oLschema2ldif/wscript_build +@@ -1,5 +1,7 @@ + #!/usr/bin/env python + ++import sys ++ + bld.SAMBA_SUBSYSTEM('oLschema2ldif-lib', + source='lib.c', + deps='samdb', +@@ -11,7 +13,8 @@ bld.SAMBA_BINARY('oLschema2ldif', + deps='oLschema2ldif-lib POPT_SAMBA', + ) + +-bld.SAMBA_BINARY('test_oLschema2ldif', ++if not sys.platform.startswith('sunos'): ++ bld.SAMBA_BINARY('test_oLschema2ldif', + source='test.c', + deps='cmocka oLschema2ldif-lib', + local_include=False, |