Re: CVS commit: pkgsrc/net/samba4

To: thor%netbsd.org@localhost
Subject: Re: CVS commit: pkgsrc/net/samba4
From: Adam <adam%netbsd.org@localhost>
Date: Mon, 7 Mar 2022 22:55:05 +0100

> Module Name:  pkgsrc
> Committed By: thor
> Date:         Mon Mar  7 21:40:38 UTC 2022
> 
> Modified Files:
>       pkgsrc/net/samba4: Makefile PLIST distinfo options.mk
>       pkgsrc/net/samba4/patches: patch-lib_replace_wscript
>           patch-source4_heimdal__build_roken.h
>           patch-source4_scripting_wsript_build
>           patch-source4_utils_oLschema2ldif_wscript__build
> Added Files:
>       pkgsrc/net/samba4/patches: patch-source3_smbd_open.c
>           patch-source3_utils_net__offlinejoin.c
> Removed Files:
>       pkgsrc/net/samba4/patches: patch-source3_libsmb_libsmb__stat.c
>           patch-source4_torture_libsmbclient_libsmbclient.c
> 
> Log Message:
> net/samba4: version 4.15.4

Why not 4.15.5, which addresses these security issues:

o CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target
                  of a symlink exists.
                  https://www.samba.org/samba/security/CVE-2021-44141.html

o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.
                  https://www.samba.org/samba/security/CVE-2021-44142.html

o CVE-2022-0336:  Re-adding an SPN skips subsequent SPN conflict checks.
                  https://www.samba.org/samba/security/CVE-2022-0336.html
?

Adam

Follow-Ups:
- Re: CVS commit: pkgsrc/net/samba4
  - From: Dr. Thomas Orgis

References:
- CVS commit: pkgsrc/net/samba4
  - From: Dr. Thomas Orgis

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: Re: CVS commit: pkgsrc/net/samba4
Previous by Thread: CVS commit: pkgsrc/net/samba4
Next by Thread: Re: CVS commit: pkgsrc/net/samba4
Indexes:

Home | Main Index | Thread Index | Old Index