Pullup ticket #5011 - requested by taca net/samba4: security fix Revisions pulled up: - net/samba4/Makefile 1.18 - net/samba4/PLIST 1.7 - net/samba4/distinfo 1.10 - net/samba4/patches/patch-lib_nss__wrapper_wscript deleted --- Module Name: pkgsrc Committed By: taca Date: Sat May 7 03:09:33 UTC 2016 Modified Files: pkgsrc/net/samba4: Makefile PLIST distinfo Removed Files: pkgsrc/net/samba4/patches: patch-lib_nss__wrapper_wscript Log Message: Update samba4 to 4.3.8, which contains security fix. This release fixes some regressions introduced by the last security fixes. Please see bug https://bugzilla.samba.org/show_bug.cgi?id=11849 for a list of bugs addressing these regressions and more information. Changes since 4.3.8: -------------------- o Jeremy Allison <jra@samba.org> * BUG 11742: lib: tevent: Fix memory leak when old signal action restored. * BUG 11771: lib: tevent: Fix memory leak when old signal action restored. * BUG 11822: s3: libsmb: Fix error where short name length was read as 2 bytes, should be 1. o Andrew Bartlett <abartlet@samba.org> * BUG 11780: smbd: Only check dev/inode in open_directory, not the full stat(). * BUG 11789: pydsdb: Fix returning of ldb.MessageElement. o Berend De Schouwer <berend.de.schouwer@gmail.com> * BUG 11643: docs: Add example for domain logins to smbspool man page. o Gç«Żnther Deschner <gd@samba.org> * BUG 11789: libsmb/pysmb: Add pytalloc-util dependency to fix the build. o Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it> * BUG 8093: access based share enum: Handle permission set in configuration files. o Volker Lendecke <vl@samba.org> * BUG 11816: nwrap: Fix the build on Solaris. * BUG 11827: vfs_catia: Fix memleak. * BUG 11878: smbd: Avoid large reads beyond EOF. o Stefan Metzmacher <metze@samba.org> * BUG 11622: libcli/smb: Make sure we have a body size of 0x31 before dereferencing an ioctl response. * BUG 11623: libcli/smb: Fix BUFFER_OVERFLOW handling in tstream_smbXcli_np. * BUG 11755: s3:libads: Setup the msDS-SupportedEncryptionTypes attribute on ldap_add. * BUG 11771: tevent: Version 0.9.28. Fix memory leak when old signal action restored. * BUG 11782: s3:winbindd: Don't include two '\0' at the end of the domain list. * BUG 11789: s3:wscript: pylibsmb depends on pycredentials. * BUG 11841: Fix NT_STATUS_ACCESS_DENIED when accessing Windows public share. * BUG 11847: Only validate MIC if "map to guest" is not being used. * BUG 11849: auth/ntlmssp: Add ntlmssp_{client,server}:force_old_spnego option for testing. * BUG 11850: NetAPP SMB servers don't negotiate NTLMSSP_SIGN. * BUG 11858: Allow anonymous smb connections. * BUG 11870: Fix ads_sasl_spnego_gensec_bind(KRB5). * BUG 11872: Fix 'wbinfo -u' and 'net ads search'. o Noel Power <noel.power@suse.com> * BUG 11738: libcli: Fix debug message, print sid string for new_ace trustee. o Garming Sam <garming@catalyst.net.nz> * BUG 11789: build: Mark explicit dependencies on pytalloc-util. o Partha Sarathi <partha@exablox.com> * BUG 11819: Fix the smb2_setinfo to handle FS info types and FSQUOTA infolevel. o Jorge Schrauwen <sjorge@blackdot.be> * BUG 11816: configure: Don't check for inotify on illumos. o Uri Simchoni <uri@samba.org> * BUG 11691: winbindd: Return trust parameters when listing trusts. * BUG 11753: smbd: Ignore SVHDX create context. * BUG 11763: passdb: Add linefeed to debug message. * BUG 11788: build: Fix disk-free quota support on Solaris 10. * BUG 11798: build: Fix build when '--without-quota' specified. * BUG 11806: vfs_acl_common: Avoid setting POSIX ACLs if "ignore system acls" is set. * BUG 11852: libads: Record session expiry for spnego sasl binds. o Hemanth Thummala <hemanth.thummala@nutanix.com> * BUG 11740: Real memory leak(buildup) issue in loadparm. * BUG 11840: Mask general purpose signals for notifyd.diff -r1.16.2.1 -r1.16.2.2 pkgsrc/net/samba4/Makefile
(bsiegert)
@@ -1,27 +1,27 @@ | @@ -1,27 +1,27 @@ | |||
1 | # $NetBSD: Makefile,v 1.16.2.1 2016/04/15 07:25:11 bsiegert Exp $ | 1 | # $NetBSD: Makefile,v 1.16.2.2 2016/05/13 14:49:20 bsiegert Exp $ | |
2 | 2 | |||
3 | DISTNAME= samba-${VERSION} | 3 | DISTNAME= samba-${VERSION} | |
4 | CATEGORIES= net | 4 | CATEGORIES= net | |
5 | MASTER_SITES= http://download.samba.org/pub/samba/stable/ | 5 | MASTER_SITES= http://download.samba.org/pub/samba/stable/ | |
6 | 6 | |||
7 | MAINTAINER= pkgsrc-users@NetBSD.org | 7 | MAINTAINER= pkgsrc-users@NetBSD.org | |
8 | HOMEPAGE= http://www.samba.org/ | 8 | HOMEPAGE= http://www.samba.org/ | |
9 | COMMENT= SMB/CIFS protocol server suite | 9 | COMMENT= SMB/CIFS protocol server suite | |
10 | LICENSE= gnu-gpl-v3 | 10 | LICENSE= gnu-gpl-v3 | |
11 | 11 | |||
12 | DEPENDS+= ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat | 12 | DEPENDS+= ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat | |
13 | 13 | |||
14 | VERSION= 4.3.8 | 14 | VERSION= 4.3.9 | |
15 | CONFLICTS+= ja-samba-[0-9]* pam-smbpass-[0-9]* tdb-[0-9]* winbind-[0-9]* | 15 | CONFLICTS+= ja-samba-[0-9]* pam-smbpass-[0-9]* tdb-[0-9]* winbind-[0-9]* | |
16 | 16 | |||
17 | BUILD_DEPENDS+= ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat | 17 | BUILD_DEPENDS+= ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat | |
18 | 18 | |||
19 | BUILD_DEFS+= VARBASE | 19 | BUILD_DEFS+= VARBASE | |
20 | 20 | |||
21 | .include "../../mk/bsd.prefs.mk" | 21 | .include "../../mk/bsd.prefs.mk" | |
22 | 22 | |||
23 | SMB_LIB?= ${PREFIX}/lib | 23 | SMB_LIB?= ${PREFIX}/lib | |
24 | 24 | |||
25 | PKG_SYSCONFSUBDIR= samba | 25 | PKG_SYSCONFSUBDIR= samba | |
26 | SMB_SHAREDSTATE?= ${PREFIX}/com | 26 | SMB_SHAREDSTATE?= ${PREFIX}/com | |
27 | SMB_LOCALSTATE?= ${VARBASE} | 27 | SMB_LOCALSTATE?= ${VARBASE} |
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.5.2.1 2016/04/15 07:25:11 bsiegert Exp $ | 1 | @comment $NetBSD: PLIST,v 1.5.2.2 2016/05/13 14:49:20 bsiegert Exp $ | |
2 | bin/cifsdd | 2 | bin/cifsdd | |
3 | bin/dbwrap_tool | 3 | bin/dbwrap_tool | |
4 | bin/eventlogadm | 4 | bin/eventlogadm | |
5 | bin/gentest | 5 | bin/gentest | |
6 | bin/ldbadd | 6 | bin/ldbadd | |
7 | bin/ldbdel | 7 | bin/ldbdel | |
8 | bin/ldbedit | 8 | bin/ldbedit | |
9 | bin/ldbmodify | 9 | bin/ldbmodify | |
10 | bin/ldbrename | 10 | bin/ldbrename | |
11 | bin/ldbsearch | 11 | bin/ldbsearch | |
12 | bin/locktest | 12 | bin/locktest | |
13 | bin/masktest | 13 | bin/masktest | |
14 | bin/ndrdump | 14 | bin/ndrdump | |
@@ -639,27 +639,27 @@ lib/samba/private/libsmbd-conn-samba4.so | @@ -639,27 +639,27 @@ lib/samba/private/libsmbd-conn-samba4.so | |||
639 | lib/samba/private/libsmbd-shim-samba4.so | 639 | lib/samba/private/libsmbd-shim-samba4.so | |
640 | ${PLIST.ldap}lib/samba/private/libsmbldaphelper-samba4.so | 640 | ${PLIST.ldap}lib/samba/private/libsmbldaphelper-samba4.so | |
641 | lib/samba/private/libsmbpasswdparser-samba4.so | 641 | lib/samba/private/libsmbpasswdparser-samba4.so | |
642 | lib/samba/private/libsmbregistry-samba4.so | 642 | lib/samba/private/libsmbregistry-samba4.so | |
643 | lib/samba/private/libsocket-blocking-samba4.so | 643 | lib/samba/private/libsocket-blocking-samba4.so | |
644 | lib/samba/private/libsys-rw-samba4.so | 644 | lib/samba/private/libsys-rw-samba4.so | |
645 | lib/samba/private/libtalloc-report-samba4.so | 645 | lib/samba/private/libtalloc-report-samba4.so | |
646 | lib/samba/private/libtalloc.so.2 | 646 | lib/samba/private/libtalloc.so.2 | |
647 | lib/samba/private/libtalloc.so.2.1.3 | 647 | lib/samba/private/libtalloc.so.2.1.3 | |
648 | lib/samba/private/libtdb-wrap-samba4.so | 648 | lib/samba/private/libtdb-wrap-samba4.so | |
649 | lib/samba/private/libtdb.so.1 | 649 | lib/samba/private/libtdb.so.1 | |
650 | lib/samba/private/libtdb.so.1.3.7 | 650 | lib/samba/private/libtdb.so.1.3.7 | |
651 | lib/samba/private/libtevent.so.0 | 651 | lib/samba/private/libtevent.so.0 | |
652 | lib/samba/private/libtevent.so.0.9.25 | 652 | lib/samba/private/libtevent.so.0.9.28 | |
653 | lib/samba/private/libtime-basic-samba4.so | 653 | lib/samba/private/libtime-basic-samba4.so | |
654 | lib/samba/private/libtrusts-util-samba4.so | 654 | lib/samba/private/libtrusts-util-samba4.so | |
655 | lib/samba/private/libutil-cmdline-samba4.so | 655 | lib/samba/private/libutil-cmdline-samba4.so | |
656 | lib/samba/private/libutil-reg-samba4.so | 656 | lib/samba/private/libutil-reg-samba4.so | |
657 | lib/samba/private/libutil-setid-samba4.so | 657 | lib/samba/private/libutil-setid-samba4.so | |
658 | lib/samba/private/libutil-tdb-samba4.so | 658 | lib/samba/private/libutil-tdb-samba4.so | |
659 | lib/samba/private/libwinbind-client-samba4.so | 659 | lib/samba/private/libwinbind-client-samba4.so | |
660 | lib/samba/private/libxattr-tdb-samba4.so | 660 | lib/samba/private/libxattr-tdb-samba4.so | |
661 | ${PLIST.pam}lib/samba/security/pam_smbpass.so | 661 | ${PLIST.pam}lib/samba/security/pam_smbpass.so | |
662 | ${PLIST.pam}lib/samba/security/pam_winbind.so | 662 | ${PLIST.pam}lib/samba/security/pam_winbind.so | |
663 | lib/samba/vfs/acl_tdb.so | 663 | lib/samba/vfs/acl_tdb.so | |
664 | lib/samba/vfs/acl_xattr.so | 664 | lib/samba/vfs/acl_xattr.so | |
665 | lib/samba/vfs/aio_fork.so | 665 | lib/samba/vfs/aio_fork.so |
@@ -1,15 +1,15 @@ | @@ -1,15 +1,15 @@ | |||
1 | $NetBSD: distinfo,v 1.8.2.1 2016/04/15 07:25:11 bsiegert Exp $ | 1 | $NetBSD: distinfo,v 1.8.2.2 2016/05/13 14:49:20 bsiegert Exp $ | |
2 | 2 | |||
3 | SHA1 (samba-4.3.8.tar.gz) = e7ff0e040e2b273ac14f1bb3b65d643c2abf0ca7 | 3 | SHA1 (samba-4.3.9.tar.gz) = d31423f80918af52cd6d5b2005d76d02975dbfd5 | |
4 | RMD160 (samba-4.3.8.tar.gz) = b84f715a5f46ed8486919ae2d247886cc70af2ae | 4 | RMD160 (samba-4.3.9.tar.gz) = 8bfd170d9c14f75e728a051dea335d3365c2afea | |
5 | Size (samba-4.3.8.tar.gz) = 20568773 bytes | 5 | SHA512 (samba-4.3.9.tar.gz) = bc90c88d8defd3acec7c671e8ceacec31e3111540aabee7ec6f11cdeaf61bbd993525e2b765e3b50801c8079e1168cf496b3e5e6a56118d6493ae5da60d34c41 | |
6 | Size (samba-4.3.9.tar.gz) = 20570849 bytes | |||
6 | SHA1 (patch-buildtools_wafsamba_wscript) = 5604936a825675647157331df2333f4237c611f5 | 7 | SHA1 (patch-buildtools_wafsamba_wscript) = 5604936a825675647157331df2333f4237c611f5 | |
7 | SHA1 (patch-lib_nss__wrapper_nss__wrapper.c) = c692fa33ec17ed4f1dc1e40c1fadf7846d976824 | 8 | SHA1 (patch-lib_nss__wrapper_nss__wrapper.c) = c692fa33ec17ed4f1dc1e40c1fadf7846d976824 | |
8 | SHA1 (patch-lib_nss__wrapper_wscript) = 1ce37974f93e791c9e0b1bdc34d26890583fdbfb | |||
9 | SHA1 (patch-lib_param_loadparm.h) = d1c9df37bb9969d2788dd70e613067df6bb64f26 | 9 | SHA1 (patch-lib_param_loadparm.h) = d1c9df37bb9969d2788dd70e613067df6bb64f26 | |
10 | SHA1 (patch-lib_replace_wscript) = b6a042c2c13c0be78d7b64c0ce2efdaf4bbb1f3b | 10 | SHA1 (patch-lib_replace_wscript) = b6a042c2c13c0be78d7b64c0ce2efdaf4bbb1f3b | |
11 | SHA1 (patch-lib_tevent_wscript) = 9617b9e40d2ffc8d6297390a20ba9bd44147d669 | 11 | SHA1 (patch-lib_tevent_wscript) = 9617b9e40d2ffc8d6297390a20ba9bd44147d669 | |
12 | SHA1 (patch-nsswitch_wscript__build) = e8a6251e031ffa13d6347fade8891f7afd65d3eb | 12 | SHA1 (patch-nsswitch_wscript__build) = e8a6251e031ffa13d6347fade8891f7afd65d3eb | |
13 | SHA1 (patch-source3_script_tests_test__smbclient__s3.sh) = 26cd7dc3a5a282f5b80e00b52db6abd722555254 | 13 | SHA1 (patch-source3_script_tests_test__smbclient__s3.sh) = 26cd7dc3a5a282f5b80e00b52db6abd722555254 | |
14 | SHA1 (patch-source4_scripting_wsript_build) = 6053076427835ac4fe97d93b2ff67d2caccc71f4 | 14 | SHA1 (patch-source4_scripting_wsript_build) = 6053076427835ac4fe97d93b2ff67d2caccc71f4 | |
15 | SHA1 (patch-testprogs_blackbox_dbcheck-oldrelease.sh) = 0bd2067b77a1db93e3cb5d80964a7be2b06802ff | 15 | SHA1 (patch-testprogs_blackbox_dbcheck-oldrelease.sh) = 0bd2067b77a1db93e3cb5d80964a7be2b06802ff |