pool/samba
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 992061 from home:scabrero:branches:network:samba:STABLE

Browse Source 
- Update to 4.16.4
  * CVE-2022-2031: Samba AD users can bypass certain restrictions
    associated with changing passwords; (bsc#1201495); (bso#15047);
  * CVE-2022-32744: Samba AD users can forge password change
    requests for any user; (bsc#1201493); (bso#15074);
  * CVE-2022-32745: Samba AD users can crash the server process
    with an LDAP add or modify request; (bsc#1201492); (bso#15008);
  * CVE-2022-32746: Samba AD users can induce a use-after-free in
    the server process with an LDAP add or modify request;
    (bsc#1201490); (bso#15009);
  * CVE-2022-32742: Server memory information leak via SMB1;
    (bsc#1201496); (bso#15085);

- Update to 4.16.3
  * Using vfs_streams_xattr and deleting a file causes a panic;
    (bso#15099);
  * Add support for bind 9.18; (bso#14986);
  * logging dsdb audit to specific files does not work;
    (bso#15076);
  * Problem when winbind renews Kerberos; (bso#14979);
    (bsc#1196224);
  * Samba with new lorikeet-heimdal fails to build on gcc 12.1 in
    developer mode; (bso#15095);
  * Crash in streams_xattr because fsp->base_fsp->fsp_name is
    NULL; (bso#15105);
  * Crash in rpcd_classic - NULL pointer deference in
    mangle_is_mangled(); (bso#15118);
  * smbclient commands del & deltree fail with
    NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100);
    (bsc#1200556);

OBS-URL: https://build.opensuse.org/request/show/992061
OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=666
This commit is contained in:
David Mulder 2022-08-04 14:57:01 +00:00 committed by Git OBS Bridge
parent 226cf1c745
commit 8e8c7e7ee5
4 changed files with 52 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
samba-4.16.2+git.288.4d64e4651f0.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f68a43f472bf2b3c8b4219c73622c3ceb7728f3a58968ae1053795a0beb8d0ae
size 33996991

3
samba-4.16.4+git.297.1497eb221ed.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:864cc492fd79a360f09a53b4f99951f2bc54cbdc40d0ace217ec87fbdd1a6c2b
size 34022530

47
samba.changes
View File

@ -1,3 +1,50 @@
-------------------------------------------------------------------
Thu Jul 28 11:56:31 UTC 2022 - Samuel Cabrero <scabrero@suse.de>
- Update to 4.16.4
* CVE-2022-2031: Samba AD users can bypass certain restrictions
associated with changing passwords; (bsc#1201495); (bso#15047);
* CVE-2022-32744: Samba AD users can forge password change
requests for any user; (bsc#1201493); (bso#15074);
* CVE-2022-32745: Samba AD users can crash the server process
with an LDAP add or modify request; (bsc#1201492); (bso#15008);
* CVE-2022-32746: Samba AD users can induce a use-after-free in
the server process with an LDAP add or modify request;
(bsc#1201490); (bso#15009);
* CVE-2022-32742: Server memory information leak via SMB1;
(bsc#1201496); (bso#15085);
-------------------------------------------------------------------
Tue Jul 19 11:25:59 UTC 2022 - Samuel Cabrero <scabrero@suse.de>
- Update to 4.16.3
* Using vfs_streams_xattr and deleting a file causes a panic;
(bso#15099);
* Add support for bind 9.18; (bso#14986);
* logging dsdb audit to specific files does not work;
(bso#15076);
* Problem when winbind renews Kerberos; (bso#14979);
(bsc#1196224);
* Samba with new lorikeet-heimdal fails to build on gcc 12.1 in
developer mode; (bso#15095);
* Crash in streams_xattr because fsp->base_fsp->fsp_name is
NULL; (bso#15105);
* Crash in rpcd_classic - NULL pointer deference in
mangle_is_mangled(); (bso#15118);
* smbclient commands del & deltree fail with
NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100);
(bsc#1200556);
* Fix check for chown when processing NFSv4 ACL; (bso#15120);
* The pcap background queue process should not be stopped;
(bso#15082);
* testparm: Fix typo in idmap rangesize check; (bso#15097);
* net ads info returns LDAP server and LDAP server name as
null; (bso#15106);
* ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link;
(bso#15108);
* CTDB child process logging does not work as expected;
(bso#15090);
-------------------------------------------------------------------
Tue Jul 12 10:48:47 UTC 2022 - Samuel Cabrero <scabrero@suse.de>

3
samba.spec
View File

@ -145,7 +145,7 @@ BuildRequires: liburing-devel
%endif
BuildRequires: sysuser-tools
Version: 4.16.2+git.288.4d64e4651f0
Version: 4.16.4+git.297.1497eb221ed
Release: 0
URL: https://www.samba.org/
Obsoletes: samba-32bit < %{version}
@ -1865,6 +1865,7 @@ exit 0
%{_libdir}/samba/bind9/dlz_bind9_12.so
%{_libdir}/samba/bind9/dlz_bind9_14.so
%{_libdir}/samba/bind9/dlz_bind9_16.so
%{_libdir}/samba/bind9/dlz_bind9_18.so
%dir %{_libdir}/samba/gensec
%{_libdir}/samba/gensec/krb5.so
%{_libdir}/samba/libdlz-bind9-for-torture-samba4.so