./net/samba4, SMB/CIFS protocol server suite

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.12.5nb2, Package name: samba-4.12.5nb2, Maintainer: pkgsrc-users

Samba is the standard Windows interoperability suite of programs
for Linux and Unix.

Samba is Free Software licensed under the GNU General Public License,
the Samba project is a member of the Software Freedom Conservancy.

Since 1992, Samba has provided secure, stable and fast file and
print services for all clients using the SMB/CIFS protocol, such
as all versions of DOS and Windows, OS/2, Linux and many others.

Samba is an important component to seamlessly integrate Linux/Unix
Servers and Desktops into Active Directory environments. It can
function both as a domain controller or as a regular domain member.

This package intends to provide the current stable version of samba
within the 4.x series. (As will all packages, it may of course
sometimes contain an older stable release due to not being updated
yet.)

MESSAGE.rcd [+/-]

Required to run:
[textproc/py-expat] [converters/libiconv] [databases/openldap-client] [archivers/libarchive] [lang/perl5] [net/py-dns] [security/gnutls] [security/libgcrypt] [devel/p5-Parse-Yapp] [devel/popt] [devel/gettext-lib] [devel/readline] [net/avahi] [textproc/jansson] [devel/talloc] [time/py-iso8601] [devel/cmocka] [databases/lmdb] [lang/python37] [devel/tevent] [databases/ldb]

Required to build:
[textproc/docbook-xml] [textproc/docbook-xsl] [textproc/libxslt] [pkgtools/x11-links] [x11/xcb-proto] [x11/fixesproto4] [pkgtools/cwrappers] [x11/xorgproto]

Package options: ads, avahi, ldap, pam, winbind

Master sites:

SHA1: 67322997b5588b95c8f9d3fb85f9709deea885cd
RMD160: 5dd2eff38edbb1c0872222559fc08b7e57c5d3c7
Filesize: 17793.329 KB

Version history: (Expand)


CVS history: (Expand)


   2020-07-28 03:11:10 by Christos Zoulas | Files touched by this commit (2)
Log message:
Move sysvol from /var/run/sysvol to /var/db/samba4/sysvol as FreeBSD does,
so that the provisioning data gets preserved across reboots.
From Matthias Perelmann
   2020-07-21 20:42:25 by Christos Zoulas | Files touched by this commit (3)
Log message:
Fix arguments to getgroupmembership
   2020-07-21 00:19:58 by Thomas Klausner | Files touched by this commit (1)
Log message:
samba4: NetBSD current supports ACL, add it to allow-list
   2020-07-06 16:38:06 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
samba4: updated to 4.12.5

Changes since 4.12.4
--------------------
   * BUG 14301: Fix smbd panic on force-close share during async io.
   * BUG 14374: Fix segfault when using SMBC_opendir_ctx() routine for share
     folder that contains incorrect symbols in any file name.
   * BUG 14391: Fix DFS links.
   * BUG 14310: Can't use DNS functionality after a Windows DC has been in
     domain.
   * BUG 14413: ldapi search to FreeIPA crashes.
   * BUG 14396: Add net-ads-join dnshostname=fqdn option.
   * BUG 14406: Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC.
   * BUG 14386: docs-xml: Update list of posible VFS operations for
     vfs_full_audit.
   * BUG 14382: winbindd: Fix a use-after-free when winbind clients exit.
   * BUG 14370: Client tools are not able to read gencache anymore.

Samba 4.12.4
============
o  CVE-2020-10730:
   A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer
   de-reference and further combinations with the LDAP paged_results feature can
   give a use-after-free in Samba's AD DC LDAP server.

o  CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
   excessive CPU.

o  CVE-2020-10760:
   The use of the paged_results or VLV controls against the Global Catalog LDAP
   server on the AD DC will cause a use-after-free.

o  CVE-2020-14303:
   The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process
   further requests once it receives an empty (zero-length) UDP packet to
   port 137.

For more details, please refer to the security advisories.

Changes since 4.12.3
--------------------
   * BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use
     several seconds of CPU each.
   * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
     and VLV combined.
   * BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP
     server with paged_result or VLV.
   * BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to
     AD DC nbt_server.
   * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
     and VLV combined, ldb: Bump version to 2.1.4.
   2020-05-26 15:11:01 by Jonathan Perkin | Files touched by this commit (3)
Log message:
samba4: Avoid conflict with host s_addr.
   2020-05-26 14:22:57 by Jonathan Perkin | Files touched by this commit (1)
Log message:
samba4: Fix ads suggested option.

This is enabled later for suitable platforms, so adding it here either made
that test completely pointless, or added the option twice.
   2020-05-22 12:56:49 by Adam Ciarcinski | Files touched by this commit (624)
Log message:
revbump after updating security/nettle
   2020-05-20 06:26:38 by Tom Spindler | Files touched by this commit (1)
Log message:
Require docbook-xsl>=1.79.2 for building smb.conf.5; otherwise, it errors
out with
runtime error: file /usr/pkg/share/xsl/docbook/lib/lib.xsl line 58 element choose
xsltApplySequenceConstructor: A potential infinite template recursion was detected.