Navigation:
Browse pkgsrc
(this page) 2019-11-10 18:01:58 by Adam Ciarcinski | Files touched by this commit (7) |  |
Log message: samba4: updated to 4.11.2 4.11.2: This is a security release in order to address the following defects: o CVE-2019-10218: Client code can return filenames containing path separators. o CVE-2019-14833: Samba AD DC check password script does not receive the full password. o CVE-2019-14847: User with "get changes" permission can crash AD DC \ LDAP server via dirsync. 4.11.1: This is the latest stable release of the Samba 4.11 release series. Changes since 4.11.0: * BUG 14141: getpwnam and getpwuid need to return data for ID_TYPE_BOTH group. * BUG 14094: smbc_readdirplus() is incompatible with smbc_telldir() and smbc_lseekdir(). * BUG 14152: s3: smbclient: Stop an SMB2-connection from blundering into SMB1-specific calls. * BUG 14137: Fix stale file handle error when using mkstemp on a share. * BUG 14106: Fix spnego fallback from kerberos to ntlmssp in smbd server. * BUG 14140: Overlinking libreplace against librt and pthread against every binary or library causes issues. * BUG 14130: s3-winbindd: Fix forest trusts with additional trust attributes. * BUG 14134: auth/gensec: Fix non-AES schannel seal. * BUG 14147: Deleted records can be resurrected during recovery. * BUG 14136: Fix uncaught exception in classicupgrade. * BUG 14139: fault.c: Improve fault_report message text pointing to our wiki. * BUG 14128: s3:client: Use DEVICE_URI, instead of argv[0], for Device URI. * BUG 14124: pam_winbind with krb5_auth or wbinfo -K doesn't work for users of trusted domains/forests. * BUG 14131: Remove 'pod2man' as it is no longer needed. * BUG 13884: Joining Active Directory should not use SAMR to set the password. * BUG 14140: Overlinking libreplace against librt and pthread against every binary or library causes issues. * BUG 14155: 'kpasswd' fails when built with MIT Kerberos. * BUG 14129: Exit code of ctdb nodestatus should not be influenced by deleted nodes. 4.11.0: * BUG 14049: ldb: Don't try to save a value that isn't there. * ldb_dn: Free dn components on explode failure. * ldb: Do not allow adding a DN as a base to itself. * ldb: Release ldb 2.0.7. * BUG 13695: ldb: Correct Pigeonhole principle validation in ldb_filter_attrs(). * BUG 14049: Fix ldb dn crash. * BUG 14117: Deprecate "lanman auth = yes" and "encrypt passwords \ = no". * BUG 14038: Fix compiling ctdb on older systems lacking POSIX robust mutexes. * BUG 14121: smbd returns bad File-ID on filehandle used to create a file or directory. * BUG 14098: vfs_glusterfs: Use pthreadpool for scheduling aio operations. * BUG 14055: Add the target server name of SMB 3.1.1 connections as a hint to load balancers or servers with "multi-tenancy" support. * BUG 14113: Fix byte range locking bugs/regressions. * ldb: Fix mem-leak if talloc_realloc fails. * BUG 14007: Fix join with don't exists machine account. * BUG 14085: ctdb-recoverd: Only check for LMASTER nodes in the VNN map. CHANGES SINCE 4.11.0rc2 * BUG 13972: Different Device Id for GlusterFS FUSE mount is causing data loss in CTDB cluster. * BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape from the share. * BUG 14059: ldb: Release ldb 2.0.6 (log database repack so users know what is happening). * BUG 14092: docs: Deprecate "rndc command" for Samba 4.11. * BUG 14059: ldb: Free memory when repacking database. * BUG 14089: vfs_default: Use correct flag in vfswrap_fs_file_id. * BUG 14090: vfs_glusterfs: Initialize st_ex_file_id, st_ex_itime and st_ex_iflags. * BUG 14093: vfs_glusterfs: Enable profiling for file system operations. * BUG 14059: Backport sambadowngradedatabase for v4.11. * BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape from the share. * BUG 14032: vfs_gpfs: Implement special case for denying owner access to ACL. * BUG 14084: Avoid marking a node as connected before it can receive packets. * BUG 14086: Fix onnode test failure with ShellCheck >= 0.4.7. * BUG 14087: ctdb-daemon: Stop "ctdb stop" from completing before freezing databases. |
| 2019-11-03 12:45:59 by Roland Illig | Files touched by this commit (255) |
Log message: net: align variable assignments pkglint -Wall -F --only aligned --only indent -r No manual corrections. |
| 2019-09-09 02:33:05 by Takahiro Kambe | Files touched by this commit (1) |
Log message: net/samba4: Makefile format correction Revert remove of a blank line. There should be blank line. Thanks to wiz@ noted via private mail. |
| 2019-09-05 14:39:57 by Hauke Fath | Files touched by this commit (17) |
Log message: Solarish pthreads expect mutex datastructures to be properly zeroed out, unlike the Linux implementation, which upstream mainly targets. This leads to "tdb_open_ex: tdb_mutex_init failed for /var/samba/lock/gencache.tdb: Device busy" errors, described in <https://illumos.topicbox.com/groups/developer/T28dcabf2f69cac04>. Illumos kernel code attempted to mitigate the problem as of <https://www.illumos.org/issues/9959>, but the changes have yet to show up in releases. The patches originate from <https://github.com/oposs/pkg.oetiker.ch-build/blob/master/build/samba4/patches/pthread_mutex_init>, modified appropriately. Tested on omniosce r151030. |
| 2019-09-04 10:15:33 by Takahiro Kambe | Files touched by this commit (1) | |
Log message: net/samba4: update MASTER_SITES Update MASTER_SITES switching to https URL. And remove extra empty line. |
| 2019-09-03 21:11:58 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
samba4: updated to 4.10.8
Samba 4.10.8:
This is a security release in order to address the following defect:
o CVE-2019-10197: Combination of parameters and permissions can allow user
to escape from the share path definition.
|
| 2019-08-23 12:52:41 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: samba4: updated to 4.10.7 Samba 4.10.7 * BUG 14010: Unable to create or rename file/directory inside shares configured with vfs_glusterfs_fuse module. * BUG 13844: build: Allow build when '--disable-gnutls' is set. * BUG 13973: samba-tool: Add 'import samba.drs_utils' to fsmo.py. * BUG 14008: Fix 'Error 32 determining PSOs in system' message on old DB with FL upgrade. * BUG 14021: s4/libnet: Fix joining a Windows pre-2008R2 DC. * BUG 14046: join: Use a specific attribute order for the DsAddEntry nTDSDSA object. * BUG 14015: vfs_catia: Pass stat info to synthetic_smb_fname(). * BUG 14091: lookup_name: Allow own domain lookup when flags == 0. * BUG 13932: s4 librpc rpc pyrpc: Ensure tevent_context deleted last. * BUG 13915: DEBUGC and DEBUGADDC doesn't print into a class specific log file. * BUG 13949: Request to keep deprecated option "server schannel", VMWare Quickprep requires "auto". * BUG 13967: dbcheck: Fallback to the default tombstoneLifetime of 180 days. * BUG 13969: dnsProperty fails to decode values from older Windows versions. * BUG 13973: samba-tool: Use only one LDAP modify for dns partition fsmo role transfer. * BUG 13960: third_party: Update waf to version 2.0.17. * BUG 14051: netcmd: Allow 'drs replicate --local' to create partitions. * BUG 14017: ctdb-config: Depend on /etc/ctdb/nodes file. |
| 2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557) |
Log message: Bump PKGREVISIONs for perl 5.30.0 |
| 2019-08-03 08:54:39 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: samba4: updated to 4.10.6 Changes 4.10.6: * BUG 13956: s3: winbind: Fix crash when invoking winbind idmap scripts. * BUG 13964: smbd does not correctly parse arguments passed to dfree and quota scripts. * BUG 13965: samba-tool dns: use bytes for inet_ntop. * BUG 13828: samba-tool domain provision: Fix --interactive module in python3. * BUG 13893: ldb_kv: Skip @ records early in a search full scan. * BUG 13981: docs: Improve documentation of "lanman auth" and \ "ntlm auth" connection. * BUG 14002: python/ntacls: Use correct "state directory" smb.conf option instead of "state dir". * BUG 13840: registry: Add a missing include. * BUG 13944: Fix SMB guest authentication. * BUG 13958: AppleDouble conversion breaks Resourceforks. * BUG 13968: vfs_fruit makes direct use of syscalls like mmap() and pread(). * BUG 13987: s3:mdssvc: Fix flex compilation error. * BUG 13872: s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly: * BUG 13799: dsdb:samdb: schemainfo update with relax control. * BUG 13964: s3:util: Move static file_pload() function to lib/util. * BUG 13957: smbd: Fix a panic. * BUG 12478: ldap server: Generate correct referral schemes. * BUG 13941: s4 dsdb/repl_meta_data: fix use after free in dsdb_audit_add_ldb_value. * BUG 13942: s4 dsdb: Fix use after free in samldb_rename_search_base_callback. * BUG 12204: dsdb/repl: we need to replicate the whole schema before we can apply it. * BUG 12478: ldb: Release ldb 1.5.5 * BUG 13713: Schema replication fails if link crosses chunk boundary backwards. * BUG 13799: 'samba-tool domain schemaupgrade' uses relax control and skips the schemaInfo update provision. * BUG 13916: dsdb_audit: avoid printing "... remote host [Unknown] SID [(NULL SID)] ..." * BUG 13917: python/ntacls: We only need security.SEC_STD_READ_CONTROL in order to get the ACL. * BUG 13947: s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary. * BUG 13939: Using Kerberos credentials to print using spoolss doesn't work. * BUG 13998: wafsamba: Use native waf timer. * BUG 13984: ctdb-scripts: Fix tcp_tw_recycle existence check. |
| 2019-07-22 00:26:08 by Thomas Klausner | Files touched by this commit (1256) |
Log message: *: recursive bump for gdk-pixbuf2-2.38.1 |
New packages: