2019-06-22 15:27:12 by Jared D. McNeill | Files touched by this commit (2) |
Log message:
Fixes a build failure when the letter 'j' appears in MAKEFLAGS.
|
2019-06-19 23:22:59 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
samba4: updated to 4.10.5
Release Notes for Samba 4.10.5
This is a security release in order to address the following defects:
o CVE-2019-12435 (Samba AD DC Denial of Service in DNS management server
(dnsserver))
o CVE-2019-12436 (Samba AD DC LDAP server crash (paged searches))
Details
=======
o CVE-2019-12435:
An authenticated user can crash the Samba AD DC's RPC server process via a
NULL pointer dereference.
o CVE-2019-12436:
An user with read access to the directory can cause a NULL pointer
dereference using the paged search control.
For more details and workarounds, please refer to the security advisories.
|
2019-05-28 15:35:54 by Jonathan Perkin | Files touched by this commit (3) |
Log message:
*: Remove per-package MESSAGE.{rcd,smf} handling.
This is now centralised in mk/pkgformat so no need to do it manually.
|
2019-05-22 21:57:12 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
samba4: updated to 4.10.4
Changes since 4.10.3:
* BUG 13938: s3: SMB1: Don't allow recvfile on stream fsp's.
* BUG 13882: py/provision: Fix for Python 2.6.
* BUG 13873: netcmd: Fix 'passwordsettings --max-pwd-age' command.
* BUG 13938: s3:smbd: Don't use recvfile on streams.
* BUG 13861: s3-libnet_join: 'net ads join' to child domain fails when using
"-U admin@forestroot".
* BUG 13896: vfs_ceph: Explicitly enable libcephfs POSIX ACL support.
* BUG 13940: vfs_ceph: Fix cephwrap_flistxattr() debug message.
* BUG 13895: ctdb-common: Avoid race between fd and signal events.
* BUG 13943: ctdb-common: Fix memory leak in run_proc.
* BUG 13892: lib: Initialize getline() arguments.
* BUG 13903: winbind: Fix overlapping id ranges.
* BUG 13902: lib util debug: Increase format buffer to 4KiB.
* BUG 13927: nsswitch pam_winbind: Fix Asan use after free.
* BUG 13929: s4 lib socket: Ensure address string owned by parent struct.
* BUG 13936: s3 rpc_client: Fix Asan stack use after scope.
* BUG 10097: s3:smbd: Handle IO_REPARSE_TAG_DFS in
SMB_FIND_FILE_FULL_DIRECTORY_INFO.
* BUG 10344: smb2_tcon: Avoid STATUS_PENDING completely on tdis.
* BUG 12845: smb2_sesssetup: avoid STATUS_PENDING responses for session
setup.
* BUG 13698: smb2_tcon: Avoid STATUS_PENDING completely on tdis.
* BUG 13796: smb2_sesssetup: avoid STATUS_PENDING responses for session
setup.
* BUG 13843: dbcheck: Fix the err_empty_attribute() check.
* BUG 13858: vfs_snapper: Drop unneeded fstat handler.
* BUG 13862: vfs_default: Fix vfswrap_offload_write_send()
NT_STATUS_INVALID_VIEW_SIZE check.
* BUG 13863: smb2_server: Grant all 8192 credits to clients.
* BUG 13919: smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling.
* BUG 13872: s3/vfs_glusterfs: Dynamically determine NAME_MAX.
* BUG 13918: s3: modules: ceph: Use current working directory instead of
share path.
* BUG 13831: winbind: Use domain name from lsa query for sid_to_name cache
entry.
* BUG 13865: memcache: Increase size of default memcache to 512k.
* BUG 13857: docs: Update smbclient manpage for "--max-protocol".
* BUG 13861: 'net ads join' to child domain fails when using
"-U admin@forestroot".
* BUG 13937: s3:utils: If share is NULL in smbcacls, don't print it.
* BUG 13939: s3:smbspool: Fix regression printing with Kerberos credentials.
* BUG 13860: ctdb-scripts: CTDB restarts failed NFS RPC services by hand,
which is incompatible with systemd.
* BUG 13888: ctdb-daemon: Revert "We can not assume that just because we
could complete a TCP handshake".
* BUG 13930: ctdb-daemon: Never use 0 as a client ID.
* BUG 13943: ctdb-common: Fix memory leak.
* BUG 13904: s3:debug: Enable logging for early startup failures.
|
2019-05-15 11:07:21 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
samba4: updated to 4.10.3
Samba 4.10.3, 4.9.8 and 4.8.12 Security Releases Available
These are security releases in order to address CVE-2018-16860 (Samba AD DC \
S4U2Self/S4U2Proxy unkeyed checksum).
|
2019-04-25 09:33:32 by Maya Rashish | Files touched by this commit (620) |
Log message:
PKGREVISION bump for anything using python without a PYPKGPREFIX.
This is a semi-manual PKGREVISION bump.
|
2019-04-23 09:42:53 by Maya Rashish | Files touched by this commit (1) | |
Log message:
samba4: update Linux-specific PLIST entries
from mmoll in https://github.com/NetBSD/pkgsrc/pull/46
I am not adding the SunOS part because the files are in the non-OS specific
PLIST, now (the SunOS entries seem to be duplicated)
|
2019-04-08 20:35:59 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
samba4: updated to 4.10.2
Release Notes for Samba 4.10.2
This is a security release in order to address the following defects:
o CVE-2019-3870 (World writable files in Samba AD DC private/ dir)
o CVE-2019-3880 (Save registry file outside share as unprivileged user)
Details
o CVE-2019-3870:
During the provision of a new Active Directory DC, some files in the private/
directory are created world-writable.
o CVE-2019-3880:
Authenticated users with write permission can trigger a symlink traversal to
write or detect files outside the Samba share.
For more details and workarounds, please refer to the security advisories.
Changes since 4.10.1:
* BUG 13834: CVE-2019-3870: pysmbd: Ensure a zero umask is set for
smbd.mkdir().
* BUG 13851: CVE-2018-14629: rpc: winreg: Remove implementations of
SaveKey/RestoreKey.
|
2019-04-03 16:23:06 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
samba4: updated to 4.10.1
Changes since 4.10.0:
* BUG 13837: py/kcc_utils: py2.6 compatibility.
* BUG 13869: libcli: permit larger values of DataLength in
SMB2_ENCRYPTION_CAPABILITIES of negotiate response.
* BUG 13840: regfio: Improve handling of malformed registry hive files.
* BUG 13789: ctdb-version: Simplify version string usage.
* BUG 13859: lib: Make fd_load work for non-regular files.
* BUG 13816: dbcheck in the middle of the tombstone garbage collection causes
replication failures, dbcheck: add --selftest-check-expired-tombstones
cmdline option.
* BUG 13818: ndr_spoolss_buf: Fix out of scope use of stack variable in
NDR_SPOOLSS_PUSH_ENUM_OUT().
* BUG 13854: s4/messaging: Fix undefined reference in linking
libMESSAGING-samba4.so.
* BUG 13836: acl_read: Fix regression for empty lists.
* BUG 13841: s4:dlz make b9_has_soa check dc=@ node.
* BUG 13832: s3:client: Fix printing via smbspool backend with kerberos auth.
* BUG 13847: s4:librpc: Fix installation of Samba.
* BUG 13848: s3:lib: Fix the debug message for adding cache entries.
* BUG 13793: s3:utils: Add 'smbstatus -L --resolve-uids' to show username.
* BUG 13848: s3:lib: Fix the debug message for adding cache entries.
* BUG 13853: s3:waf: Fix the detection of makdev() macro on Linux.
* BUG 13789: ctdb-build: Drop creation of .distversion in tarball.
* BUG 13838: ctdb-packaging: Test package requires tcpdump, ctdb package
should not own system library directory.
|
2019-03-27 07:28:05 by Adam Ciarcinski | Files touched by this commit (3) |
Log message:
Mark as incomparible with Python 2.7
|