Accepting request 950276 from home:npower:update_samba

- Update to 4.15.5 * CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target of a symlink exists; (bso#14911); (bsc#1193690). * CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module; (bso#14914); (bsc#1194859). * CVE-2022-0336: Re-adding an SPN skips subsequent SPN conflict checks; bso#14950); (bsc#1195048). - CVE-2021-44141: Information leak via symlinks of existance of files or directories outside of the exported share; (bso#14911); (bsc#1193690); - CVE-2021-44142: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution; (bso#14914); (bsc#1194859); - CVE-2022-0336: Samba AD users with permission to write to an account can impersonate arbitrary services; (bso#14950); (bsc#1195048); OBS-URL: https://build.opensuse.org/request/show/950276 OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=659
2022-02-01 09:16:29 +00:00 · 2022-02-01 09:16:29 +00:00 · ea40c395c9
commit ea40c395c9
parent 3fa268d923
4 changed files with 29 additions and 4 deletions
--- a/samba-4.15.4+git.224.dea2f6dc836.tar.bz2
+++ b/samba-4.15.4+git.224.dea2f6dc836.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2de5e513ff0564cdbf19cefb2a0d662af9afab72dc0754ea3358ebc956c437c0
-size 25627178
--- a/samba-4.15.5+git.328.f1f29505d84.tar.bz2
+++ b/samba-4.15.5+git.328.f1f29505d84.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ad7bad0205833288c060ce36b3911fa98aee5eccda7a3bf2db3fb04d93d1b63b
+size 25633107
--- a/samba.changes
+++ b/samba.changes
@ -1,3 +1,28 @@
+-------------------------------------------------------------------
+Mon Jan 31 14:23:44 UTC 2022 - Noel Power <nopower@suse.com>
+
+- Update to 4.15.5
+  * CVE-2021-44141: UNIX extensions in SMB1 disclose whether the
+    outside target of a symlink exists; (bso#14911);
+    (bsc#1193690).
+  * CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit
+    module; (bso#14914); (bsc#1194859).
+  * CVE-2022-0336:  Re-adding an SPN skips subsequent SPN
+    conflict checks; bso#14950); (bsc#1195048).
+
+-------------------------------------------------------------------
+Wed Jan 26 12:00:35 UTC 2022 - Samuel Cabrero <scabrero@suse.de>
+
+- CVE-2021-44141: Information leak via symlinks of existance of
+  files or directories outside of the exported share; (bso#14911);
+  (bsc#1193690);
+- CVE-2021-44142: Out-of-bounds heap read/write vulnerability
+  in VFS module vfs_fruit allows code execution; (bso#14914);
+  (bsc#1194859);
+- CVE-2022-0336: Samba AD users with permission to write to an
+  account can impersonate arbitrary services; (bso#14950);
+  (bsc#1195048);
+
 -------------------------------------------------------------------
 Fri Jan 21 12:37:42 UTC 2022 - Samuel Cabrero <scabrero@suse.de>

--- a/samba.spec
+++ b/samba.spec
@ -208,7 +208,7 @@ BuildRequires:  liburing-devel
 %else
 %define	build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-Version:        4.15.4+git.224.dea2f6dc836
+Version:        4.15.5+git.328.f1f29505d84
 Release:        0
 URL:            https://www.samba.org/
 Obsoletes:      samba-32bit < %{version}