Received: by mail.netbsd.org (Postfix, from userid 605) id E69EB84D65; Wed, 29 Jul 2020 20:16:00 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 6973284D60 for ; Wed, 29 Jul 2020 20:16:00 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id ARiNjI4iKN0X for ; Wed, 29 Jul 2020 20:15:59 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id 9702084D25 for ; Wed, 29 Jul 2020 20:15:59 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 89DEAFB28; Wed, 29 Jul 2020 20:15:59 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_159605375993380" MIME-Version: 1.0 Date: Wed, 29 Jul 2020 20:15:59 +0000 From: "Benny Siegert" Subject: CVS commit: [pkgsrc-2020Q2] pkgsrc/net/samba4 To: pkgsrc-changes@NetBSD.org Reply-To: bsiegert@netbsd.org X-Mailer: log_accum Message-Id: <20200729201559.89DEAFB28@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_159605375993380 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: bsiegert Date: Wed Jul 29 20:15:59 UTC 2020 Modified Files: pkgsrc/net/samba4 [pkgsrc-2020Q2]: Makefile PLIST distinfo Added Files: pkgsrc/net/samba4/patches [pkgsrc-2020Q2]: patch-lib_replace_system_passwd.h Log Message: Pullup ticket #6276 - requested by taca net/samba4: security fix Revisions pulled up: - net/samba4/Makefile 1.102 - net/samba4/PLIST 1.31 - net/samba4/distinfo 1.49 - net/samba4/patches/patch-lib_replace_system_passwd.h 1.1 --- Module Name: pkgsrc Committed By: adam Date: Mon Jul 6 14:38:06 UTC 2020 Modified Files: pkgsrc/net/samba4: Makefile PLIST distinfo Added Files: pkgsrc/net/samba4/patches: patch-lib_replace_system_passwd.h Log Message: samba4: updated to 4.12.5 Changes since 4.12.4 -------------------- * BUG 14301: Fix smbd panic on force-close share during async io. * BUG 14374: Fix segfault when using SMBC_opendir_ctx() routine for share folder that contains incorrect symbols in any file name. * BUG 14391: Fix DFS links. * BUG 14310: Can't use DNS functionality after a Windows DC has been in domain. * BUG 14413: ldapi search to FreeIPA crashes. * BUG 14396: Add net-ads-join dnshostname=fqdn option. * BUG 14406: Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC. * BUG 14386: docs-xml: Update list of posible VFS operations for vfs_full_audit. * BUG 14382: winbindd: Fix a use-after-free when winbind clients exit. * BUG 14370: Client tools are not able to read gencache anymore. Samba 4.12.4 ============ o CVE-2020-10730: A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer de-reference and further combinations with the LDAP paged_results feature can give a use-after-free in Samba's AD DC LDAP server. o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume excessive CPU. o CVE-2020-10760: The use of the paged_results or VLV controls against the Global Catalog LDAP server on the AD DC will cause a use-after-free. o CVE-2020-14303: The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process further requests once it receives an empty (zero-length) UDP packet to port 137. For more details, please refer to the security advisories. Changes since 4.12.3 -------------------- * BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use several seconds of CPU each. * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined. * BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP server with paged_result or VLV. * BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to AD DC nbt_server. * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined, ldb: Bump version to 2.1.4. To generate a diff of this commit: cvs rdiff -u -r1.101 -r1.101.2.1 pkgsrc/net/samba4/Makefile cvs rdiff -u -r1.30 -r1.30.2.1 pkgsrc/net/samba4/PLIST cvs rdiff -u -r1.48 -r1.48.2.1 pkgsrc/net/samba4/distinfo cvs rdiff -u -r0 -r1.1.2.2 \ pkgsrc/net/samba4/patches/patch-lib_replace_system_passwd.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_159605375993380 Content-Disposition: inline Content-Length: 3986 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/net/samba4/Makefile diff -u pkgsrc/net/samba4/Makefile:1.101 pkgsrc/net/samba4/Makefile:1.101.2.1 --- pkgsrc/net/samba4/Makefile:1.101 Fri May 22 10:55:48 2020 +++ pkgsrc/net/samba4/Makefile Wed Jul 29 20:15:59 2020 @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.101 2020/05/22 10:55:48 adam Exp $ +# $NetBSD: Makefile,v 1.101.2.1 2020/07/29 20:15:59 bsiegert Exp $ -DISTNAME= samba-4.12.3 -PKGREVISION= 1 +DISTNAME= samba-4.12.5 CATEGORIES= net MASTER_SITES= https://download.samba.org/pub/samba/stable/ Index: pkgsrc/net/samba4/PLIST diff -u pkgsrc/net/samba4/PLIST:1.30 pkgsrc/net/samba4/PLIST:1.30.2.1 --- pkgsrc/net/samba4/PLIST:1.30 Tue May 19 12:13:51 2020 +++ pkgsrc/net/samba4/PLIST Wed Jul 29 20:15:59 2020 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.30 2020/05/19 12:13:51 hauke Exp $ +@comment $NetBSD: PLIST,v 1.30.2.1 2020/07/29 20:15:59 bsiegert Exp $ bin/cifsdd bin/dbwrap_tool bin/dumpmscat @@ -404,6 +404,7 @@ ${PYSITELIB}/samba/tests/dns_base.py ${PYSITELIB}/samba/tests/dns_forwarder.py ${PYSITELIB}/samba/tests/dns_forwarder_helpers/server.py ${PYSITELIB}/samba/tests/dns_invalid.py +${PYSITELIB}/samba/tests/dns_packet.py ${PYSITELIB}/samba/tests/dns_tkey.py ${PYSITELIB}/samba/tests/dns_wildcard.py ${PYSITELIB}/samba/tests/docs.py Index: pkgsrc/net/samba4/distinfo diff -u pkgsrc/net/samba4/distinfo:1.48 pkgsrc/net/samba4/distinfo:1.48.2.1 --- pkgsrc/net/samba4/distinfo:1.48 Tue May 26 13:11:01 2020 +++ pkgsrc/net/samba4/distinfo Wed Jul 29 20:15:59 2020 @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.48 2020/05/26 13:11:01 jperkin Exp $ +$NetBSD: distinfo,v 1.48.2.1 2020/07/29 20:15:59 bsiegert Exp $ -SHA1 (samba-4.12.3.tar.gz) = 08109949a70c88010dd4b53d1ae088b7e1a282eb -RMD160 (samba-4.12.3.tar.gz) = 9d4a4d7d1da5367a1f442ba0ff3ea8abde1ba69e -SHA512 (samba-4.12.3.tar.gz) = 5de66c21db0710880b6e0347ae1eff17ff1881eb926e9a0cf5af9ddc27599cf8daa9ca6ea35b2a0a2158226a38cdf7074b28a51e460a139720c78a522b1a5908 -Size (samba-4.12.3.tar.gz) = 18203604 bytes +SHA1 (samba-4.12.5.tar.gz) = 67322997b5588b95c8f9d3fb85f9709deea885cd +RMD160 (samba-4.12.5.tar.gz) = 5dd2eff38edbb1c0872222559fc08b7e57c5d3c7 +SHA512 (samba-4.12.5.tar.gz) = 45ef618efaca88fb24e2069edff6bf1e3f27f4bedecbc7899a57d0e4760effeaf9b0f546be1aeeee4f811219cf29a49a122ecc5caf8dc923c42ff9a25c162c2b +Size (samba-4.12.5.tar.gz) = 18220369 bytes SHA1 (patch-buildtools_wafsamba_samba__conftests.py) = d927db17124d2bb5b382885e70a41f84c3929926 SHA1 (patch-buildtools_wafsamba_samba__install.py) = d801340617da325e3bb70a90350e45cc8e383c2d SHA1 (patch-buildtools_wafsamba_samba__pidl.py) = e4c0ed3dacfcf5613a5b397b3c6cf88509497da7 @@ -12,6 +12,7 @@ SHA1 (patch-buildtools_wafsamba_wscript) SHA1 (patch-dynconfig_wscript) = 1858e5fcca913f21aa3e7868d9760b9c40c9f5c4 SHA1 (patch-lib_param_loadparm.h) = 0216b69d33d1e17260a446e11bee764116c52b18 SHA1 (patch-lib_pthreadpool_pthreadpool.c) = c29490473063d6bdbe5c50780a21bf2869ae959f +SHA1 (patch-lib_replace_system_passwd.h) = 652be067b2560310ce3a4bbf37c24cb2fa8eb82d SHA1 (patch-lib_replace_wscript) = 2a754e7310850b376d5881b82a8467041284fce9 SHA1 (patch-lib_tdb_common_mutex.c) = 12dbcf870e6ba17ef7f92a8ce7f0b7462f820232 SHA1 (patch-lib_tevent_tevent.c) = 4a20506e2bfbab85bad664299b884575326e73fd Added files: Index: pkgsrc/net/samba4/patches/patch-lib_replace_system_passwd.h diff -u /dev/null pkgsrc/net/samba4/patches/patch-lib_replace_system_passwd.h:1.1.2.2 --- /dev/null Wed Jul 29 20:15:59 2020 +++ pkgsrc/net/samba4/patches/patch-lib_replace_system_passwd.h Wed Jul 29 20:15:59 2020 @@ -0,0 +1,16 @@ +$NetBSD: patch-lib_replace_system_passwd.h,v 1.1.2.2 2020/07/29 20:15:59 bsiegert Exp $ + +Fix building. +https://bugzilla.samba.org/show_bug.cgi?id=14415 + +--- lib/replace/system/passwd.h.orig 2020-07-06 10:27:14.000000000 +0000 ++++ lib/replace/system/passwd.h +@@ -89,4 +89,8 @@ + #define ULTRIX_AUTH 1 + #endif + ++#ifndef NSS_BUFLEN_PASSWD ++#define NSS_BUFLEN_PASSWD 1024 ++#endif ++ + #endif --_----------=_159605375993380--