CVS commit: [pkgsrc-2016Q1] pkgsrc/net/samba4

["Benny Siegert" <bsiegert%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Fri Apr 15 07:25:11 UTC 2016

Modified Files:
        pkgsrc/net/samba4 [pkgsrc-2016Q1]: Makefile PLIST distinfo

Log Message:
Pullup ticket #4958 - requested by manu
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.17
- net/samba4/PLIST                                              1.6
- net/samba4/distinfo                                           1.9

---
   Module Name:    pkgsrc
   Committed By:   manu
   Date:           Wed Apr 13 08:26:10 UTC 2016

   Modified Files:
           pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   Update net/samba4 to 4.3.8

   This fixes the Badlock bug (CVE-2016-2118) and others vulnerabilities:
   o  CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
   o  CVE-2016-2115 (SMB IPC traffic is not integrity protected)
   o  CVE-2016-2114 ("server signing = mandatory" not enforced)
   o  CVE-2016-2113 (Missing TLS certificate validation)
   o  CVE-2016-2112 (LDAP client and server don't enforce integrity)
   o  CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
   o  CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
   o  CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
   o  CVE-2016-0771 (Out-of-bounds read in internal DNS server)
   o  CVE-2015-5370 (Multiple errors in DCE-RPC code)


To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.16.2.1 pkgsrc/net/samba4/Makefile
cvs rdiff -u -r1.5 -r1.5.2.1 pkgsrc/net/samba4/PLIST
cvs rdiff -u -r1.8 -r1.8.2.1 pkgsrc/net/samba4/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.