Subject: CVS commit: pkgsrc/net/samba4
From: Adam Ciarcinski
Date: 2022-08-09 19:56:09
Message id: 20220809175609.81DF3FB1A@cvs.NetBSD.org

Log Message:
samba4: updated to 4.16.4

Release Notes for Samba 4.16.4

This is a security release in order to address the following defects:

o CVE-2022-2031:  Samba AD users can bypass certain restrictions associated with
                  changing passwords.
                  https://www.samba.org/samba/security/CVE-2022-2031.html

o CVE-2022-32744: Samba AD users can forge password change requests for any user.
                  https://www.samba.org/samba/security/CVE-2022-32744.html

o CVE-2022-32745: Samba AD users can crash the server process with an LDAP add
                  or modify request.
                  https://www.samba.org/samba/security/CVE-2022-32745.html

o CVE-2022-32746: Samba AD users can induce a use-after-free in the server
                  process with an LDAP add or modify request.
                  https://www.samba.org/samba/security/CVE-2022-32746.html

o CVE-2022-32742: Server memory information leak via SMB1.
                  https://www.samba.org/samba/security/CVE-2022-32742.html

Files:
RevisionActionfile
1.1removepkgsrc/net/samba4/PLIST.mit-krb5
1.1removepkgsrc/net/samba4/PLIST.heimdal
1.80modifypkgsrc/net/samba4/distinfo
1.46modifypkgsrc/net/samba4/PLIST
1.148modifypkgsrc/net/samba4/Makefile