pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/samba4 net/samba4: update to 4.6.8, security fix
details: https://anonhg.NetBSD.org/pkgsrc/rev/af452c27ed20
branches: trunk
changeset: 368893:af452c27ed20
user: taca <taca%pkgsrc.org@localhost>
date: Wed Sep 20 15:14:30 2017 +0000
description:
net/samba4: update to 4.6.8, security fix
=============================
Release Notes for Samba 4.6.8
September 20, 2017
=============================
This is a security release in order to address the following defects:
o CVE-2017-12150 (SMB1/2/3 connections may not require signing where they
should)
o CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects)
o CVE-2017-12163 (Server memory information leak over SMB1)
=======
Details
=======
o CVE-2017-12150:
A man in the middle attack may hijack client connections.
o CVE-2017-12151:
A man in the middle attack can read and may alter confidential
documents transferred via a client connection, which are reached
via DFS redirect when the original connection used SMB3.
o CVE-2017-12163:
Client with write access to a share can cause server memory contents to be
written into a file or printer.
For more details and workarounds, please see the security advisories:
o https://www.samba.org/samba/security/CVE-2017-12150.html
o https://www.samba.org/samba/security/CVE-2017-12151.html
o https://www.samba.org/samba/security/CVE-2017-12163.html
Changes since 4.6.7:
--------------------
o Jeremy Allison <jra%samba.org@localhost>
* BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call goes
async.
* BUG 13020: CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from
writing server memory to file.
o Ralph Boehme <slow%samba.org@localhost>
* BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories
directly.
o Stefan Metzmacher <metze%samba.org@localhost>
* BUG 12996: CVE-2017-12151: Keep required encryption across SMB3 dfs
redirects.
* BUG 12997: CVE-2017-12150: Some code path don't enforce smb signing
when they should.
diffstat:
net/samba4/Makefile | 4 ++--
net/samba4/distinfo | 10 +++++-----
2 files changed, 7 insertions(+), 7 deletions(-)
diffs (36 lines):
diff -r 750e580089f5 -r af452c27ed20 net/samba4/Makefile
--- a/net/samba4/Makefile Wed Sep 20 14:33:25 2017 +0000
+++ b/net/samba4/Makefile Wed Sep 20 15:14:30 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.34 2017/09/18 06:41:46 taca Exp $
+# $NetBSD: Makefile,v 1.35 2017/09/20 15:14:30 taca Exp $
DISTNAME= samba-${VERSION}
CATEGORIES= net
@@ -11,7 +11,7 @@
DEPENDS+= ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat
-VERSION= 4.6.7
+VERSION= 4.6.8
CONFLICTS+= ja-samba-[0-9]* tdb-[0-9]* winbind-[0-9]*
BUILD_DEPENDS+= ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat
diff -r 750e580089f5 -r af452c27ed20 net/samba4/distinfo
--- a/net/samba4/distinfo Wed Sep 20 14:33:25 2017 +0000
+++ b/net/samba4/distinfo Wed Sep 20 15:14:30 2017 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.15 2017/09/18 06:41:46 taca Exp $
+$NetBSD: distinfo,v 1.16 2017/09/20 15:14:30 taca Exp $
-SHA1 (samba-4.6.7.tar.gz) = 260053cf4b7b17607a8a94e8bf740979183efadd
-RMD160 (samba-4.6.7.tar.gz) = d755e6419a029dcf819ac12b4e6a8fe28da12b92
-SHA512 (samba-4.6.7.tar.gz) = 394c28204bae4134e6a9d2e5b8f087a425dc4ac4ceecd8b29315acff1a92349d40ef0b6a9cc34f5ad18ff5ec9979199837c87f687858cb4e6687968284303aa5
-Size (samba-4.6.7.tar.gz) = 21137329 bytes
+SHA1 (samba-4.6.8.tar.gz) = 744fa10e3ad8ea7219e51c27f3792d99e25782be
+RMD160 (samba-4.6.8.tar.gz) = 3ecde1cfe97ce50d4864bf5c8e732127f13468bb
+SHA512 (samba-4.6.8.tar.gz) = fb40144210361bdeab09007aa49fa85077fbc8eeae2c49bcdafb01d33ec40425160882979f0829005a89766ed4fd4e36d7f952f6dbf6e0178f5b0945dc8d8efb
+Size (samba-4.6.8.tar.gz) = 21139872 bytes
SHA1 (patch-buildtools_wafsamba_wscript) = 5604936a825675647157331df2333f4237c611f5
SHA1 (patch-lib_nss__wrapper_nss__wrapper.c) = c692fa33ec17ed4f1dc1e40c1fadf7846d976824
SHA1 (patch-lib_param_loadparm.h) = 0216b69d33d1e17260a446e11bee764116c52b18
Home |
Main Index |
Thread Index |
Old Index