Accepting request 349211 from network:samba:STABLE
- Update to 4.3.3.
+ Malicious request can cause Samba LDAP server to hang, spinning using CPU;
CVE-2015-3223; (bso#11325); (bnc#958581).
+ Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599);
(bnc#958586).
+ Insufficient symlink verification (file access outside the share);
CVE-2015-5252; (bso#11395); (bnc#958582).
+ No man in the middle protection when forcing smb encryption on the client
side; CVE-2015-5296; (bso#11536); (bnc#958584).
+ Currently the snapshot browsing is not secure thru windows previous version
(shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).
+ Fix Microsoft MS15-096 to prevent machine accounts from being changed into
user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).
OBS-URL: https://build.opensuse.org/request/show/349211
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/samba?expand=0&rev=195
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
d7ad01a49f
@ -1,3 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:478260fef1d481e5855738953e1be347a4e40707f3558df2296403435fa3871d
|
||||
size 29327
|
||||
oid sha256:3af5090525b5ad700a476a87b5dd204ac73a0e5c69ae4106e1688e9325ec5bb7
|
||||
size 29365
|
||||
|
||||
@ -1,7 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1
|
||||
|
||||
iD8DBQBWXV9BbzORW2Vot+oRAq47AKCVt9x8RSB7klEcd/hGIcsZ/iQ+ZgCfRvAS
|
||||
S6lmXrzxZ62yDKnlOXq5bTY=
|
||||
=wfn1
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:61989195caadf0f6fb51ce6bed5e203e6146facc2c276a26ad41901ad9129a75
|
||||
size 20425622
|
||||
7
samba-4.3.3.tar.asc
Normal file
7
samba-4.3.3.tar.asc
Normal file
@ -0,0 +1,7 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1
|
||||
|
||||
iD8DBQBWaWgFbzORW2Vot+oRAtnwAJ0f3MAti7KVNg+R04BJEBl4zBVyXACfeAus
|
||||
vmEQRaNHbsqOslrw40hKTcY=
|
||||
=4i4d
|
||||
-----END PGP SIGNATURE-----
|
||||
3
samba-4.3.3.tar.gz
Normal file
3
samba-4.3.3.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:e62d21313acbb29e24b0b80aaf2b63fdd1ccce4cfb741f333deca95a1a3a70df
|
||||
size 20427281
|
||||
@ -1,3 +1,20 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 11 16:49:16 UTC 2015 - lmuelle@suse.com
|
||||
|
||||
- Update to 4.3.3.
|
||||
+ Malicious request can cause Samba LDAP server to hang, spinning using CPU;
|
||||
CVE-2015-3223; (bso#11325); (bnc#958581).
|
||||
+ Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599);
|
||||
(bnc#958586).
|
||||
+ Insufficient symlink verification (file access outside the share);
|
||||
CVE-2015-5252; (bso#11395); (bnc#958582).
|
||||
+ No man in the middle protection when forcing smb encryption on the client
|
||||
side; CVE-2015-5296; (bso#11536); (bnc#958584).
|
||||
+ Currently the snapshot browsing is not secure thru windows previous version
|
||||
(shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583).
|
||||
+ Fix Microsoft MS15-096 to prevent machine accounts from being changed into
|
||||
user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 1 16:48:13 UTC 2015 - lmuelle@suse.com
|
||||
|
||||
|
||||
26
samba.spec
26
samba.spec
@ -12,7 +12,7 @@
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
@ -122,14 +122,14 @@ BuildRequires: libavahi-devel
|
||||
BuildRequires: systemd
|
||||
BuildRequires: systemd-devel
|
||||
%endif
|
||||
%define samba_ver 4.3.2
|
||||
%define samba_ver 4.3.3
|
||||
%define samba_ver_suffix %nil
|
||||
%if "%{samba_ver_suffix}" == ""
|
||||
%define samba_source_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz
|
||||
%define samba_source_signature_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.asc
|
||||
%define samba_source_location https://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz
|
||||
%define samba_source_signature_location https://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.asc
|
||||
%else
|
||||
%define samba_source_location http://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.gz
|
||||
%define samba_source_signature_location http://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.asc
|
||||
%define samba_source_location https://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.gz
|
||||
%define samba_source_signature_location https://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.asc
|
||||
%endif
|
||||
%define samba_ver_full %{samba_ver}%{samba_ver_suffix}
|
||||
%if 0%{?suse_version} && 0%{?suse_version} < 1031
|
||||
@ -144,13 +144,13 @@ BuildRequires: systemd-devel
|
||||
%else
|
||||
%define build_make_smp_mflags %{?jobs:-j%jobs}
|
||||
%endif
|
||||
%define SOURCE_TIMESTAMP 3535
|
||||
%define SOURCE_TIMESTAMP 3552
|
||||
%define BRANCH %{version}
|
||||
%global with_mitkrb5 1
|
||||
%global with_dc 0
|
||||
Version: 4.3.2
|
||||
Version: 4.3.3
|
||||
Release: 0
|
||||
Url: http://www.samba.org/
|
||||
Url: https://www.samba.org/
|
||||
Provides: samba-gplv3 = %{version}
|
||||
Obsoletes: samba-gplv3 < %{version}
|
||||
%if 0%{?suse_version} > 1030
|
||||
@ -238,9 +238,9 @@ a server. The binaries expect the configuration file to be found in
|
||||
/etc/samba/smb.conf
|
||||
|
||||
For a more detailed description of Samba, check the samba-doc package
|
||||
or the Samba.org Web page at http://www.Samba.org/
|
||||
or the Samba.org Web page at https://www.Samba.org/
|
||||
|
||||
Please check http://en.openSUSE.org/Samba for general information on
|
||||
Please check https://en.openSUSE.org/Samba for general information on
|
||||
Samba as part of SUSE Linux Enterprise or openSUSE products, links to
|
||||
binary packages of the most current Samba version, and a bug reporting
|
||||
how to.
|
||||
@ -277,9 +277,9 @@ act as a Samba client. The binaries expect the configuration file to
|
||||
be found in /etc/samba/smb.conf
|
||||
|
||||
For a more detailed description of Samba, check the samba-doc package
|
||||
or the Samba.org Web page at http://www.Samba.org/
|
||||
or the Samba.org Web page at https://www.Samba.org/
|
||||
|
||||
Please check http://en.openSUSE.org/Samba for general information on
|
||||
Please check https://en.openSUSE.org/Samba for general information on
|
||||
Samba as part of SUSE Linux Enterprise or openSUSE products, links to
|
||||
binary packages of the most current Samba version, and a bug reporting
|
||||
how to.
|
||||
|
||||
@ -1,3 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d0d7c9b656193c2a8d439b6f7cc9fccb9031ea457ed835c1594bbe6546d519f1
|
||||
size 53061
|
||||
oid sha256:db58877d59dbe26e26b5073034e5510f4d6c841e71024badfb4167b705d6e385
|
||||
size 52885
|
||||
|
||||
Loading…
Reference in New Issue
Block a user