Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2020Q2]: pkgsrc/net/samba4 Pullup ticket #6276 - requested by ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/e9e9c980cb9b
branches:  pkgsrc-2020Q2
changeset: 436232:e9e9c980cb9b
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Wed Jul 29 20:15:59 2020 +0000

description:
Pullup ticket #6276 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.102
- net/samba4/PLIST                                              1.31
- net/samba4/distinfo                                           1.49
- net/samba4/patches/patch-lib_replace_system_passwd.h          1.1

---
   Module Name: pkgsrc
   Committed By:        adam
   Date:                Mon Jul  6 14:38:06 UTC 2020

   Modified Files:
        pkgsrc/net/samba4: Makefile PLIST distinfo
   Added Files:
        pkgsrc/net/samba4/patches: patch-lib_replace_system_passwd.h

   Log Message:
   samba4: updated to 4.12.5

   Changes since 4.12.4
   --------------------
      * BUG 14301: Fix smbd panic on force-close share during async io.
      * BUG 14374: Fix segfault when using SMBC_opendir_ctx() routine for share
        folder that contains incorrect symbols in any file name.
      * BUG 14391: Fix DFS links.
      * BUG 14310: Can't use DNS functionality after a Windows DC has been in
        domain.
      * BUG 14413: ldapi search to FreeIPA crashes.
      * BUG 14396: Add net-ads-join dnshostname=fqdn option.
      * BUG 14406: Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC.
      * BUG 14386: docs-xml: Update list of posible VFS operations for
        vfs_full_audit.
      * BUG 14382: winbindd: Fix a use-after-free when winbind clients exit.
      * BUG 14370: Client tools are not able to read gencache anymore.

   Samba 4.12.4
   ============
   o  CVE-2020-10730:
      A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer
      de-reference and further combinations with the LDAP paged_results feature can
      give a use-after-free in Samba's AD DC LDAP server.

   o  CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
      excessive CPU.

   o  CVE-2020-10760:
      The use of the paged_results or VLV controls against the Global Catalog LDAP
      server on the AD DC will cause a use-after-free.

   o  CVE-2020-14303:
      The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process
      further requests once it receives an empty (zero-length) UDP packet to
      port 137.

   For more details, please refer to the security advisories.

   Changes since 4.12.3
   --------------------
      * BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use
        several seconds of CPU each.
      * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
        and VLV combined.
      * BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP
        server with paged_result or VLV.
      * BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to
        AD DC nbt_server.
      * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
        and VLV combined, ldb: Bump version to 2.1.4.

diffstat:

 net/samba4/Makefile                                  |   5 ++---
 net/samba4/PLIST                                     |   3 ++-
 net/samba4/distinfo                                  |  11 ++++++-----
 net/samba4/patches/patch-lib_replace_system_passwd.h |  16 ++++++++++++++++
 4 files changed, 26 insertions(+), 9 deletions(-)

diffs (76 lines):

diff -r 8edd9a92d65b -r e9e9c980cb9b net/samba4/Makefile
--- a/net/samba4/Makefile       Wed Jul 29 19:40:51 2020 +0000
+++ b/net/samba4/Makefile       Wed Jul 29 20:15:59 2020 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.101 2020/05/22 10:55:48 adam Exp $
+# $NetBSD: Makefile,v 1.101.2.1 2020/07/29 20:15:59 bsiegert Exp $
 
-DISTNAME=      samba-4.12.3
-PKGREVISION=   1
+DISTNAME=      samba-4.12.5
 CATEGORIES=    net
 MASTER_SITES=  https://download.samba.org/pub/samba/stable/
 
diff -r 8edd9a92d65b -r e9e9c980cb9b net/samba4/PLIST
--- a/net/samba4/PLIST  Wed Jul 29 19:40:51 2020 +0000
+++ b/net/samba4/PLIST  Wed Jul 29 20:15:59 2020 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.30 2020/05/19 12:13:51 hauke Exp $
+@comment $NetBSD: PLIST,v 1.30.2.1 2020/07/29 20:15:59 bsiegert Exp $
 bin/cifsdd
 bin/dbwrap_tool
 bin/dumpmscat
@@ -404,6 +404,7 @@
 ${PYSITELIB}/samba/tests/dns_forwarder.py
 ${PYSITELIB}/samba/tests/dns_forwarder_helpers/server.py
 ${PYSITELIB}/samba/tests/dns_invalid.py
+${PYSITELIB}/samba/tests/dns_packet.py
 ${PYSITELIB}/samba/tests/dns_tkey.py
 ${PYSITELIB}/samba/tests/dns_wildcard.py
 ${PYSITELIB}/samba/tests/docs.py
diff -r 8edd9a92d65b -r e9e9c980cb9b net/samba4/distinfo
--- a/net/samba4/distinfo       Wed Jul 29 19:40:51 2020 +0000
+++ b/net/samba4/distinfo       Wed Jul 29 20:15:59 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.48 2020/05/26 13:11:01 jperkin Exp $
+$NetBSD: distinfo,v 1.48.2.1 2020/07/29 20:15:59 bsiegert Exp $
 
-SHA1 (samba-4.12.3.tar.gz) = 08109949a70c88010dd4b53d1ae088b7e1a282eb
-RMD160 (samba-4.12.3.tar.gz) = 9d4a4d7d1da5367a1f442ba0ff3ea8abde1ba69e
-SHA512 (samba-4.12.3.tar.gz) = 5de66c21db0710880b6e0347ae1eff17ff1881eb926e9a0cf5af9ddc27599cf8daa9ca6ea35b2a0a2158226a38cdf7074b28a51e460a139720c78a522b1a5908
-Size (samba-4.12.3.tar.gz) = 18203604 bytes
+SHA1 (samba-4.12.5.tar.gz) = 67322997b5588b95c8f9d3fb85f9709deea885cd
+RMD160 (samba-4.12.5.tar.gz) = 5dd2eff38edbb1c0872222559fc08b7e57c5d3c7
+SHA512 (samba-4.12.5.tar.gz) = 45ef618efaca88fb24e2069edff6bf1e3f27f4bedecbc7899a57d0e4760effeaf9b0f546be1aeeee4f811219cf29a49a122ecc5caf8dc923c42ff9a25c162c2b
+Size (samba-4.12.5.tar.gz) = 18220369 bytes
 SHA1 (patch-buildtools_wafsamba_samba__conftests.py) = d927db17124d2bb5b382885e70a41f84c3929926
 SHA1 (patch-buildtools_wafsamba_samba__install.py) = d801340617da325e3bb70a90350e45cc8e383c2d
 SHA1 (patch-buildtools_wafsamba_samba__pidl.py) = e4c0ed3dacfcf5613a5b397b3c6cf88509497da7
@@ -12,6 +12,7 @@
 SHA1 (patch-dynconfig_wscript) = 1858e5fcca913f21aa3e7868d9760b9c40c9f5c4
 SHA1 (patch-lib_param_loadparm.h) = 0216b69d33d1e17260a446e11bee764116c52b18
 SHA1 (patch-lib_pthreadpool_pthreadpool.c) = c29490473063d6bdbe5c50780a21bf2869ae959f
+SHA1 (patch-lib_replace_system_passwd.h) = 652be067b2560310ce3a4bbf37c24cb2fa8eb82d
 SHA1 (patch-lib_replace_wscript) = 2a754e7310850b376d5881b82a8467041284fce9
 SHA1 (patch-lib_tdb_common_mutex.c) = 12dbcf870e6ba17ef7f92a8ce7f0b7462f820232
 SHA1 (patch-lib_tevent_tevent.c) = 4a20506e2bfbab85bad664299b884575326e73fd
diff -r 8edd9a92d65b -r e9e9c980cb9b net/samba4/patches/patch-lib_replace_system_passwd.h
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/samba4/patches/patch-lib_replace_system_passwd.h      Wed Jul 29 20:15:59 2020 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-lib_replace_system_passwd.h,v 1.1.2.2 2020/07/29 20:15:59 bsiegert Exp $
+
+Fix building.
+https://bugzilla.samba.org/show_bug.cgi?id=14415
+
+--- lib/replace/system/passwd.h.orig   2020-07-06 10:27:14.000000000 +0000
++++ lib/replace/system/passwd.h
+@@ -89,4 +89,8 @@
+ #define ULTRIX_AUTH 1
+ #endif
+ 
++#ifndef NSS_BUFLEN_PASSWD
++#define NSS_BUFLEN_PASSWD 1024
++#endif
++
+ #endif



Home | Main Index | Thread Index | Old Index