CVS commit: pkgsrc/net/samba4

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/net/samba4
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Wed, 20 Sep 2017 15:14:30 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Wed Sep 20 15:14:30 UTC 2017

Modified Files:
        pkgsrc/net/samba4: Makefile distinfo

Log Message:
net/samba4: update to 4.6.8, security fix

                   =============================
                   Release Notes for Samba 4.6.8
                         September 20, 2017
                   =============================

This is a security release in order to address the following defects:

o  CVE-2017-12150 (SMB1/2/3 connections may not require signing where they
   should)
o  CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects)
o  CVE-2017-12163 (Server memory information leak over SMB1)

=======
Details
=======

o  CVE-2017-12150:
   A man in the middle attack may hijack client connections.

o  CVE-2017-12151:
   A man in the middle attack can read and may alter confidential
   documents transferred via a client connection, which are reached
   via DFS redirect when the original connection used SMB3.

o  CVE-2017-12163:
   Client with write access to a share can cause server memory contents to be
   written into a file or printer.

For more details and workarounds, please see the security advisories:

   o https://www.samba.org/samba/security/CVE-2017-12150.html
   o https://www.samba.org/samba/security/CVE-2017-12151.html
   o https://www.samba.org/samba/security/CVE-2017-12163.html

Changes since 4.6.7:
--------------------

o  Jeremy Allison <jra%samba.org@localhost>
   * BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call goes
     async.
   * BUG 13020: CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from
     writing server memory to file.

o  Ralph Boehme <slow%samba.org@localhost>
   * BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories
     directly.

o  Stefan Metzmacher <metze%samba.org@localhost>
   * BUG 12996: CVE-2017-12151: Keep required encryption across SMB3 dfs
     redirects.
   * BUG 12997: CVE-2017-12150: Some code path don't enforce smb signing
     when they should.


To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 pkgsrc/net/samba4/Makefile
cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/samba4/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/net/samba4/Makefile
diff -u pkgsrc/net/samba4/Makefile:1.34 pkgsrc/net/samba4/Makefile:1.35
--- pkgsrc/net/samba4/Makefile:1.34     Mon Sep 18 06:41:46 2017
+++ pkgsrc/net/samba4/Makefile  Wed Sep 20 15:14:30 2017
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.34 2017/09/18 06:41:46 taca Exp $
+# $NetBSD: Makefile,v 1.35 2017/09/20 15:14:30 taca Exp $
 
 DISTNAME=      samba-${VERSION}
 CATEGORIES=    net
@@ -11,7 +11,7 @@ LICENSE=      gnu-gpl-v3
 
 DEPENDS+=      ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat
 
-VERSION=       4.6.7
+VERSION=       4.6.8
 CONFLICTS+=    ja-samba-[0-9]* tdb-[0-9]* winbind-[0-9]*
 
 BUILD_DEPENDS+=        ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat

Index: pkgsrc/net/samba4/distinfo
diff -u pkgsrc/net/samba4/distinfo:1.15 pkgsrc/net/samba4/distinfo:1.16
--- pkgsrc/net/samba4/distinfo:1.15     Mon Sep 18 06:41:46 2017
+++ pkgsrc/net/samba4/distinfo  Wed Sep 20 15:14:30 2017
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.15 2017/09/18 06:41:46 taca Exp $
+$NetBSD: distinfo,v 1.16 2017/09/20 15:14:30 taca Exp $
 
-SHA1 (samba-4.6.7.tar.gz) = 260053cf4b7b17607a8a94e8bf740979183efadd
-RMD160 (samba-4.6.7.tar.gz) = d755e6419a029dcf819ac12b4e6a8fe28da12b92
-SHA512 (samba-4.6.7.tar.gz) = 394c28204bae4134e6a9d2e5b8f087a425dc4ac4ceecd8b29315acff1a92349d40ef0b6a9cc34f5ad18ff5ec9979199837c87f687858cb4e6687968284303aa5
-Size (samba-4.6.7.tar.gz) = 21137329 bytes
+SHA1 (samba-4.6.8.tar.gz) = 744fa10e3ad8ea7219e51c27f3792d99e25782be
+RMD160 (samba-4.6.8.tar.gz) = 3ecde1cfe97ce50d4864bf5c8e732127f13468bb
+SHA512 (samba-4.6.8.tar.gz) = fb40144210361bdeab09007aa49fa85077fbc8eeae2c49bcdafb01d33ec40425160882979f0829005a89766ed4fd4e36d7f952f6dbf6e0178f5b0945dc8d8efb
+Size (samba-4.6.8.tar.gz) = 21139872 bytes
 SHA1 (patch-buildtools_wafsamba_wscript) = 5604936a825675647157331df2333f4237c611f5
 SHA1 (patch-lib_nss__wrapper_nss__wrapper.c) = c692fa33ec17ed4f1dc1e40c1fadf7846d976824
 SHA1 (patch-lib_param_loadparm.h) = 0216b69d33d1e17260a446e11bee764116c52b18

Prev by Date: CVS commit: pkgsrc/meta-pkgs/boost
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/meta-pkgs/boost
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index