./net/samba4, SMB/CIFS protocol server suite

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.11.3, Package name: samba-4.11.3, Maintainer: pkgsrc-users

Samba is the standard Windows interoperability suite of programs
for Linux and Unix.

Samba is Free Software licensed under the GNU General Public License,
the Samba project is a member of the Software Freedom Conservancy.

Since 1992, Samba has provided secure, stable and fast file and
print services for all clients using the SMB/CIFS protocol, such
as all versions of DOS and Windows, OS/2, Linux and many others.

Samba is an important component to seamlessly integrate Linux/Unix
Servers and Desktops into Active Directory environments. It can
function both as a domain controller or as a regular domain member.

This package tracks 4.x branch release.

MESSAGE.rcd [+/-]

Required to run:
[textproc/py-expat] [converters/libiconv] [archivers/libarchive] [lang/perl5] [net/py-dns] [security/gnutls] [security/libgcrypt] [devel/p5-Parse-Yapp] [devel/popt] [devel/gettext-lib] [devel/readline] [net/avahi] [textproc/jansson] [devel/talloc] [time/py-iso8601] [devel/cmocka] [databases/lmdb] [lang/python37] [devel/tevent] [databases/ldb]

Required to build:
[textproc/docbook-xml] [textproc/docbook-xsl] [textproc/libxslt] [pkgtools/x11-links] [x11/xcb-proto] [x11/fixesproto4] [pkgtools/cwrappers] [x11/xorgproto]

Package options: ads, ldap, pam, winbind

Master sites:

SHA1: cd90090cbe834d9aa86b065eca4dbf3ff7e521f4
RMD160: 81e0b803f97b640882f0dfc6d83c331aaddc9015
Filesize: 18086.368 KB

Version history: (Expand)


CVS history: (Expand)


   2019-12-10 14:03:41 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
samba4: updated to 4.11.3

Samba 4.11.3
This is a security release in order to address the following defects:
o CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS
		  management server (dnsserver).
o CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition
		  on Samba AD DC.
   2019-11-23 09:45:45 by Makoto Fujiwara | Files touched by this commit (7)
Log message:
Recursive revbump based on devel/cmocka 1.1.3 -> 1.1.5
   2019-11-10 18:02:34 by Adam Ciarcinski | Files touched by this commit (1)
Log message:
samba4: add missing patch
   2019-11-10 18:01:58 by Adam Ciarcinski | Files touched by this commit (7) | Package updated
Log message:
samba4: updated to 4.11.2

4.11.2:
This is a security release in order to address the following defects:
o CVE-2019-10218: Client code can return filenames containing path separators.
o CVE-2019-14833: Samba AD DC check password script does not receive the full
		  password.
o CVE-2019-14847: User with "get changes" permission can crash AD DC \ 
LDAP server
		  via dirsync.

4.11.1:
This is the latest stable release of the Samba 4.11 release series.

Changes since 4.11.0:
* BUG 14141: getpwnam and getpwuid need to return data for ID_TYPE_BOTH
  group.
* BUG 14094: smbc_readdirplus() is incompatible with smbc_telldir() and
  smbc_lseekdir().
* BUG 14152: s3: smbclient: Stop an SMB2-connection from blundering into
  SMB1-specific calls.
* BUG 14137: Fix stale file handle error when using mkstemp on a share.
* BUG 14106: Fix spnego fallback from kerberos to ntlmssp in smbd server.
* BUG 14140: Overlinking libreplace against librt and pthread against every
  binary or library causes issues.
* BUG 14130: s3-winbindd: Fix forest trusts with additional trust attributes.
* BUG 14134: auth/gensec: Fix non-AES schannel seal.
* BUG 14147: Deleted records can be resurrected during recovery.
* BUG 14136: Fix uncaught exception in classicupgrade.
* BUG 14139: fault.c: Improve fault_report message text pointing to our wiki.
* BUG 14128: s3:client: Use DEVICE_URI, instead of argv[0], for Device URI.
* BUG 14124: pam_winbind with krb5_auth or wbinfo -K doesn't work for users
  of trusted domains/forests.
* BUG 14131: Remove 'pod2man' as it is no longer needed.
* BUG 13884: Joining Active Directory should not use SAMR to set the
  password.
* BUG 14140: Overlinking libreplace against librt and pthread against every
  binary or library causes issues.
* BUG 14155: 'kpasswd' fails when built with MIT Kerberos.
* BUG 14129: Exit code of ctdb nodestatus should not be influenced by deleted
  nodes.

4.11.0:
* BUG 14049: ldb: Don't try to save a value that isn't there.
* ldb_dn: Free dn components on explode failure.
* ldb: Do not allow adding a DN as a base to itself.
* ldb: Release ldb 2.0.7.
* BUG 13695: ldb: Correct Pigeonhole principle validation in
  ldb_filter_attrs().
* BUG 14049: Fix ldb dn crash.
* BUG 14117: Deprecate "lanman auth = yes" and "encrypt passwords \ 
= no".
* BUG 14038: Fix compiling ctdb on older systems lacking POSIX robust
  mutexes.
* BUG 14121: smbd returns bad File-ID on filehandle used to create a file or
  directory.
* BUG 14098: vfs_glusterfs: Use pthreadpool for scheduling aio operations.
* BUG 14055: Add the target server name of SMB 3.1.1 connections as a hint to
  load balancers or servers with "multi-tenancy" support.
* BUG 14113: Fix byte range locking bugs/regressions.
* ldb: Fix mem-leak if talloc_realloc fails.
* BUG 14007: Fix join with don't exists machine account.
* BUG 14085: ctdb-recoverd: Only check for LMASTER nodes in the VNN map.

CHANGES SINCE 4.11.0rc2
* BUG 13972: Different Device Id for GlusterFS FUSE mount is causing data
  loss in CTDB cluster.
* BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
  from the share.
* BUG 14059: ldb: Release ldb 2.0.6 (log database repack so users know what
  is happening).
* BUG 14092: docs: Deprecate "rndc command" for Samba 4.11.
* BUG 14059: ldb: Free memory when repacking database.
* BUG 14089: vfs_default: Use correct flag in vfswrap_fs_file_id.
* BUG 14090: vfs_glusterfs: Initialize st_ex_file_id, st_ex_itime and
  st_ex_iflags.
* BUG 14093: vfs_glusterfs: Enable profiling for file system operations.
* BUG 14059: Backport sambadowngradedatabase for v4.11.
* BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
  from the share.
* BUG 14032: vfs_gpfs: Implement special case for denying owner access to
  ACL.
* BUG 14084: Avoid marking a node as connected before it can receive packets.
* BUG 14086: Fix onnode test failure with ShellCheck >= 0.4.7.
* BUG 14087: ctdb-daemon: Stop "ctdb stop" from completing before freezing
  databases.
   2019-11-03 12:45:59 by Roland Illig | Files touched by this commit (255)
Log message:
net: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

No manual corrections.
   2019-09-09 02:33:05 by Takahiro Kambe | Files touched by this commit (1)
Log message:
net/samba4: Makefile format correction

Revert remove of a blank line.  There should be blank line.
Thanks to wiz@ noted via private mail.
   2019-09-05 14:39:57 by Hauke Fath | Files touched by this commit (17)
Log message:
Solarish pthreads expect mutex datastructures to be properly zeroed
out, unlike the Linux implementation, which upstream mainly
targets. This leads to "tdb_open_ex: tdb_mutex_init failed for
/var/samba/lock/gencache.tdb: Device busy" errors, described in
<https://illumos.topicbox.com/groups/developer/T28dcabf2f69cac04>.

Illumos kernel code attempted to mitigate the problem as of
<https://www.illumos.org/issues/9959>, but the changes have yet to
show up in releases.

The patches originate from
<https://github.com/oposs/pkg.oetiker.ch-build/blob/master/build/samba4/patches/pthread_mutex_init>,
modified appropriately.

Tested on omniosce r151030.
   2019-09-04 10:15:33 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
net/samba4: update MASTER_SITES

Update MASTER_SITES switching to https URL.  And remove extra empty line.