pkgsrc.se | The NetBSD package collection

./net/samba4, SMB/CIFS protocol server suite

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2016Q1, Version: 4.3.9, Package name: samba-4.3.9, Maintainer: pkgsrc-users

Samba is the standard Windows interoperability suite of programs
for Linux and Unix.

Samba is Free Software licensed under the GNU General Public License,
the Samba project is a member of the Software Freedom Conservancy.

Since 1992, Samba has provided secure, stable and fast file and
print services for all clients using the SMB/CIFS protocol, such
as all versions of DOS and Windows, OS/2, Linux and many others.

Samba is an important component to seamlessly integrate Linux/Unix
Servers and Desktops into Active Directory environments. It can
function both as a domain controller or as a regular domain member.

This package tracks 4.x branch release.

MESSAGE.rcd [+/-]

Required to run:
[lang/python27] [lang/perl5] [devel/popt] [devel/readline] [devel/gettext-lib] [converters/libiconv] [textproc/py-expat] [security/mit-krb5] [security/gnutls]

Required to build:
[textproc/py-expat]

Package options: ads, ldap, pam, winbind

Master sites:

http://download.samba.org/pub/samba/stable/ (Download)

SHA1: d31423f80918af52cd6d5b2005d76d02975dbfd5
RMD160: 8bfd170d9c14f75e728a051dea335d3365c2afea
Filesize: 20088.72 KB

Version history: (Expand)

(2016-05-13) Updated to version: samba-4.3.9
(2016-04-15) Updated to version: samba-4.3.8
(2016-04-07) Package added to pkgsrc.se, version samba-4.3.4nb1 (created)

CVS history: (Expand)

2016-05-13 16:49:20 by Benny Siegert | Files touched by this commit (4)

Log message:
Pullup ticket #5011 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.18
- net/samba4/PLIST                                              1.7
- net/samba4/distinfo                                           1.10
- net/samba4/patches/patch-lib_nss__wrapper_wscript             deleted

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat May  7 03:09:33 UTC 2016

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo
   Removed Files:
   	pkgsrc/net/samba4/patches: patch-lib_nss__wrapper_wscript

   Log message:
   Update samba4 to 4.3.8, which contains security fix.

   This release fixes some regressions introduced by the last security fixes.
   Please see bug https://bugzilla.samba.org/show_bug.cgi?id=11849 for a list of
   bugs addressing these regressions and more information.

   Changes since 4.3.8:
   --------------------

   o  Jeremy Allison <jra@samba.org>
     * BUG 11742: lib: tevent: Fix memory leak when old signal action restored.
     * BUG 11771: lib: tevent: Fix memory leak when old signal action restored.
     * BUG 11822: s3: libsmb: Fix error where short name length was read as 2
       bytes, should be 1.

   o  Andrew Bartlett <abartlet@samba.org>
     * BUG 11780: smbd: Only check dev/inode in open_directory, not the full
       stat().
     * BUG 11789: pydsdb: Fix returning of ldb.MessageElement.

   o  Berend De Schouwer <berend.de.schouwer@gmail.com>
     * BUG 11643: docs: Add example for domain logins to smbspool man page.

   o  GÃ¼nther Deschner <gd@samba.org>
     * BUG 11789: libsmb/pysmb: Add pytalloc-util dependency to fix the build.

   o  Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it>
     * BUG 8093: access based share enum: Handle permission set in configuration
        files.

   o  Volker Lendecke <vl@samba.org>
     * BUG 11816: nwrap: Fix the build on Solaris.
     * BUG 11827: vfs_catia: Fix memleak.
     * BUG 11878: smbd: Avoid large reads beyond EOF.

   o  Stefan Metzmacher <metze@samba.org>
     * BUG 11622: libcli/smb: Make sure we have a body size of 0x31 before
       dereferencing an ioctl response.
     * BUG 11623: libcli/smb: Fix BUFFER_OVERFLOW handling in tstream_smbXcli_np.
     * BUG 11755: s3:libads: Setup the msDS-SupportedEncryptionTypes attribute on
       ldap_add.
     * BUG 11771: tevent: Version 0.9.28. Fix memory leak when old signal action
       restored.
     * BUG 11782: s3:winbindd: Don't include two '\0' at the end of the domain
       list.
     * BUG 11789: s3:wscript: pylibsmb depends on pycredentials.
     * BUG 11841: Fix NT_STATUS_ACCESS_DENIED when accessing Windows public share.
     * BUG 11847: Only validate MIC if "map to guest" is not being used.
     * BUG 11849: auth/ntlmssp: Add ntlmssp_{client,server}:force_old_spnego
       option for testing.
     * BUG 11850: NetAPP SMB servers don't negotiate NTLMSSP_SIGN.
     * BUG 11858: Allow anonymous smb connections.
     * BUG 11870: Fix ads_sasl_spnego_gensec_bind(KRB5).
     * BUG 11872: Fix 'wbinfo -u' and 'net ads search'.

   o  Noel Power <noel.power@suse.com>
     * BUG 11738: libcli: Fix debug message, print sid string for new_ace trustee.

   o  Garming Sam <garming@catalyst.net.nz>
     * BUG 11789: build: Mark explicit dependencies on pytalloc-util.

   o  Partha Sarathi <partha@exablox.com>
     * BUG 11819: Fix the smb2_setinfo to handle FS info types and FSQUOTA
       infolevel.

   o  Jorge Schrauwen <sjorge@blackdot.be>
     * BUG 11816: configure: Don't check for inotify on illumos.

   o  Uri Simchoni <uri@samba.org>
     * BUG 11691: winbindd: Return trust parameters when listing trusts.
     * BUG 11753: smbd: Ignore SVHDX create context.
     * BUG 11763: passdb: Add linefeed to debug message.
     * BUG 11788: build: Fix disk-free quota support on Solaris 10.
     * BUG 11798: build: Fix build when '--without-quota' specified.
     * BUG 11806: vfs_acl_common: Avoid setting POSIX ACLs if "ignore \ 
system acls"
       is set.
     * BUG 11852: libads: Record session expiry for spnego sasl binds.

   o  Hemanth Thummala <hemanth.thummala@nutanix.com>
     * BUG 11740: Real memory leak(buildup) issue in loadparm.
     * BUG 11840: Mask general purpose signals for notifyd.

2016-04-15 09:25:11 by Benny Siegert | Files touched by this commit (3)

Log message:
Pullup ticket #4958 - requested by manu
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.17
- net/samba4/PLIST                                              1.6
- net/samba4/distinfo                                           1.9

---
   Module Name:    pkgsrc
   Committed By:   manu
   Date:           Wed Apr 13 08:26:10 UTC 2016

   Modified Files:
           pkgsrc/net/samba4: Makefile PLIST distinfo

   Log message:
   Update net/samba4 to 4.3.8

   This fixes the Badlock bug (CVE-2016-2118) and others vulnerabilities:
   o  CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
   o  CVE-2016-2115 (SMB IPC traffic is not integrity protected)
   o  CVE-2016-2114 ("server signing = mandatory" not enforced)
   o  CVE-2016-2113 (Missing TLS certificate validation)
   o  CVE-2016-2112 (LDAP client and server don't enforce integrity)
   o  CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
   o  CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
   o  CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
   o  CVE-2016-0771 (Out-of-bounds read in internal DNS server)
   o  CVE-2015-5370 (Multiple errors in DCE-RPC code)