CVS commit: [pkgsrc-2023Q1] pkgsrc/net/samba4

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2023Q1] pkgsrc/net/samba4
From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
Date: Sat, 1 Apr 2023 18:55:38 +0000

Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Sat Apr  1 18:55:38 UTC 2023

Modified Files:
        pkgsrc/net/samba4 [pkgsrc-2023Q1]: Makefile distinfo

Log Message:
Pullup ticket #6744 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.161
- net/samba4/distinfo                                           1.91

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Apr  1 08:49:05 UTC 2023

   Modified Files:
        pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   net/samba4: update to 4.17.7

                      ==============================
                      Release Notes for Samba 4.17.7
                              March 29, 2023
                      ==============================

   This is a security release in order to address the following defects:

   o CVE-2023-0225: An incomplete access check on dnsHostName allows authenticated
                    but otherwise unprivileged users to delete this attribute from
                    any object in the directory.
                    https://www.samba.org/samba/security/CVE-2023-0225.html

   o CVE-2023-0922: The Samba AD DC administration tool, when operating against a
                    remote LDAP server, will by default send new or reset
                    passwords over a signed-only connection.
                    https://www.samba.org/samba/security/CVE-2023-0922.html

   o CVE-2023-0614: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919
                    Confidential attribute disclosure via LDAP filters was
                    insufficient and an attacker may be able to obtain
                    confidential BitLocker recovery keys from a Samba AD DC.
                    Installations with such secrets in their Samba AD should
                    assume they have been obtained and need replacing.
                    https://www.samba.org/samba/security/CVE-2023-0614.html


To generate a diff of this commit:
cvs rdiff -u -r1.160 -r1.160.2.1 pkgsrc/net/samba4/Makefile
cvs rdiff -u -r1.90 -r1.90.2.1 pkgsrc/net/samba4/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/net/samba4/Makefile
diff -u pkgsrc/net/samba4/Makefile:1.160 pkgsrc/net/samba4/Makefile:1.160.2.1
--- pkgsrc/net/samba4/Makefile:1.160    Fri Mar 17 14:01:50 2023
+++ pkgsrc/net/samba4/Makefile  Sat Apr  1 18:55:38 2023
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.160 2023/03/17 14:01:50 taca Exp $
+# $NetBSD: Makefile,v 1.160.2.1 2023/04/01 18:55:38 bsiegert Exp $
 
-DISTNAME=      samba-4.17.6
+DISTNAME=      samba-4.17.7
 CATEGORIES=    net
 MASTER_SITES=  https://download.samba.org/pub/samba/stable/
 
@@ -207,7 +207,7 @@ REPLACE_PYTHON+=    source4/scripting/bin/*
 .endif
 .include "../../archivers/libarchive/buildlink3.mk"
 .include "../../converters/libiconv/buildlink3.mk"
-BUILDLINK_API_DEPENDS.ldb+=    ldb>=2.6.1<2.7
+BUILDLINK_API_DEPENDS.ldb+=    ldb>=2.6.2<2.7
 .include "../../databases/ldb/buildlink3.mk"
 .include "../../databases/lmdb/buildlink3.mk"
 .include "../../devel/cmocka/buildlink3.mk"

Index: pkgsrc/net/samba4/distinfo
diff -u pkgsrc/net/samba4/distinfo:1.90 pkgsrc/net/samba4/distinfo:1.90.2.1
--- pkgsrc/net/samba4/distinfo:1.90     Fri Mar 17 14:01:50 2023
+++ pkgsrc/net/samba4/distinfo  Sat Apr  1 18:55:38 2023
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.90 2023/03/17 14:01:50 taca Exp $
+$NetBSD: distinfo,v 1.90.2.1 2023/04/01 18:55:38 bsiegert Exp $
 
-BLAKE2s (samba-4.17.6.tar.gz) = b3c858a1989063022715c30e79ba7c587306f00c61624e52b7521914b6eb25f3
-SHA512 (samba-4.17.6.tar.gz) = f3571828b471eb34dd10d49708d189c0c2820892b002c8bf272969421e69a3d92259088f30bd87304e6fae614621371cab5a3b581c47a925904b420246af6553
-Size (samba-4.17.6.tar.gz) = 30857472 bytes
+BLAKE2s (samba-4.17.7.tar.gz) = 80304d23cf0add5af1790379c533f0226a88fa81615528bc658289790fb493ec
+SHA512 (samba-4.17.7.tar.gz) = ab6c4fedb1769447f028e4fa1ae91b2a80ad9cb809e6a78562350c90d7ef493793e876d19057854b2f87553655a8b766306deeda6e78a062e9d5daea49994fe4
+Size (samba-4.17.7.tar.gz) = 30862665 bytes
 SHA1 (patch-buildtools_wafsamba_samba__conftests.py) = d927db17124d2bb5b382885e70a41f84c3929926
 SHA1 (patch-buildtools_wafsamba_samba__install.py) = d801340617da325e3bb70a90350e45cc8e383c2d
 SHA1 (patch-buildtools_wafsamba_samba__pidl.py) = e4c0ed3dacfcf5613a5b397b3c6cf88509497da7

Prev by Date: CVS commit: [pkgsrc-2023Q1] pkgsrc/databases/ldb
Next by Date: CVS commit: [pkgsrc-2023Q1] pkgsrc/doc
Previous by Thread: CVS commit: [pkgsrc-2023Q1] pkgsrc/databases/ldb
Next by Thread: CVS commit: [pkgsrc-2023Q1] pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index