pkgsrc.se | The NetBSD package collection

Subject: CVS commit: pkgsrc/net/samba4
From: Takahiro Kambe
Date: 2022-10-25 18:15:35
Message id: 20221025161536.0029AFA90@cvs.NetBSD.org

Log Message:
net/samba4: update to 4.17.2

4.17.2 (2022/10-25)

o CVE-2022-3437:  There is a limited write heap buffer overflow in the GSSAPI
                  unwrap_des() and unwrap_des3() routines of Heimdal (included
                  in Samba).
                  https://www.samba.org/samba/security/CVE-2022-3437.html

o CVE-2022-3592:  A malicious client can use a symlink to escape the exported
                  directory.
                  https://www.samba.org/samba/security/CVE-2022-3592.html

Changes since 4.17.1
--------------------

o  Volker Lendecke <vl@samba.org>
   * BUG 15207: CVE-2022-3592.

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 15134: CVE-2022-3437.

Files:

Revision	Action	file
1.152	modify	pkgsrc/net/samba4/Makefile
1.85	modify	pkgsrc/net/samba4/distinfo