Accepting request 113255 from network:samba:STABLE

- Update to 3.6.4.
- Samba pre-3.6.4 are affected by a vulnerability that allows remote code exe-
  cution as the "root" user; PIDL based autogenerated code allows overwriting
  beyond of allocated array; CVE-2012-1182; (bso#8815); (bnc#752797).
- s3-winbindd: Only use SamLogonEx when we can get unencrypted session keys;
  (bso#8599).
- Correctly handle DENY ACEs when privileges apply; (bso#8797).
- s3:smb2_server: fix a logic error, we should sign non guest sessions;
  (bso8749).
- Allow vfs_aio_pthread to build as a static module; (bso#8723).
- s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for
  persistent dbs; (#bso8527).
- s3: segfault in dom_sid_compare(bso#8567).
- Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER;
  (bso#8768).
- s3-winbindd: Close netlogon connection if the status returned by the
  NetrSamLogonEx call is timeout in the pam_auth_crap path; (bso#8771).
- s3-winbindd: set the can_do_validation6 also for trusted domain; (bso#8599).
- Fix problem when calculating the share security mask, take priviliges into
  account for the connecting user; (bso#8784).
- Fix crash in dcerpc_lsa_lookup_sids_noalloc() with over 1000 groups;
  (bso#8807); (bnc#751454).

OBS-URL: https://build.opensuse.org/request/show/113255
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/samba?expand=0&rev=116

build-source-timestamp

@@ -1,2 +1,2 @@
-2775
-Branch      : trunk
+2784
+Branch      : 3.6.4

patches.tar.bz2

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:0d738398eadd16bd1829c44b1f35aa9bd4015dc79d019dd959dac6f4f327087e
-size 38667
+oid sha256:a1efb1dfdd0d92699498db026a1be99634d70759cd8b641b7537fdc2fc208b31
+size 51029

samba-3.6.3.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f0b251f493340f19a653e777688f2ce9667736dd289f0d96954afc799f7b7d61
-size 24448051

samba-3.6.4.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f51904d52afb47253863673c78a251b5105301611311baac003f1f845e6b1941
+size 24464368

samba-doc.spec

@@ -82,7 +82,7 @@ BuildRequires:  pkg-config
 %else
 BuildRequires:  pkgconfig
 %endif
-%define	samba_ver 3.6.3
+%define	samba_ver 3.6.4
 %define	samba_ver_suffix %nil
 %define	samba_ver_full %{samba_ver}%{samba_ver_suffix}
 %if 0%{?suse_version} && 0%{?suse_version} < 1111
@@ -104,7 +104,7 @@ BuildRequires:  pkgconfig
 %else
 %define	build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-Version:        3.6.3
+Version:        3.6.4
 Release:        1
 %define	ldapsmb_ver 1.34b
 Url:            http://www.samba.org/
@@ -449,7 +449,7 @@ This package contains all the Samba documentation as it is not part of
 the man pages.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %changelog

samba.changes

@@ -1,3 +1,41 @@
+-------------------------------------------------------------------
+Tue Apr 10 16:13:34 UTC 2012 - lmuelle@suse.com
+
+- Update to 3.6.4.
+- Samba pre-3.6.4 are affected by a vulnerability that allows remote code exe-
+  cution as the "root" user; PIDL based autogenerated code allows overwriting
+  beyond of allocated array; CVE-2012-1182; (bso#8815); (bnc#752797).
+
+-------------------------------------------------------------------
+Sun Mar 25 21:14:33 UTC 2012 - lmuelle@suse.de
+
+- s3-winbindd: Only use SamLogonEx when we can get unencrypted session keys;
+  (bso#8599).
+- Correctly handle DENY ACEs when privileges apply; (bso#8797).
+
+-------------------------------------------------------------------
+Fri Mar 16 20:26:20 UTC 2012 - lmuelle@suse.de
+
+- s3:smb2_server: fix a logic error, we should sign non guest sessions;
+  (bso8749).
+- Allow vfs_aio_pthread to build as a static module; (bso#8723).
+- s3:dbwrap_ctdb: return the number of records in db_ctdb_traverse() for
+  persistent dbs; (#bso8527).
+- s3: segfault in dom_sid_compare(bso#8567).
+- Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER;
+  (bso#8768).
+- s3-winbindd: Close netlogon connection if the status returned by the
+  NetrSamLogonEx call is timeout in the pam_auth_crap path; (bso#8771).
+- s3-winbindd: set the can_do_validation6 also for trusted domain; (bso#8599).
+- Fix problem when calculating the share security mask, take priviliges into
+  account for the connecting user; (bso#8784).
+
+-------------------------------------------------------------------
+Thu Mar 15 11:44:55 CET 2012 - ddiss@suse.de
+
+- Fix crash in dcerpc_lsa_lookup_sids_noalloc() with over 1000 groups;
+  (bso#8807); (bnc#751454).
+
 -------------------------------------------------------------------
 Wed Mar 14 20:00:25 UTC 2012 - lmuelle@suse.de
 

samba.spec

@@ -82,7 +82,7 @@ BuildRequires:  pkg-config
 %else
 BuildRequires:  pkgconfig
 %endif
-%define	samba_ver 3.6.3
+%define	samba_ver 3.6.4
 %define	samba_ver_suffix %nil
 %define	samba_ver_full %{samba_ver}%{samba_ver_suffix}
 %if 0%{?suse_version} && 0%{?suse_version} < 1111
@@ -104,7 +104,7 @@ BuildRequires:  pkgconfig
 %else
 %define	build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-Version:        3.6.3
+Version:        3.6.4
 Release:        1
 %define	ldapsmb_ver 1.34b
 License:        GPL-3.0+
@@ -211,8 +211,8 @@ binary packages of the most current Samba version, and a bug reporting
 how to.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package client
 License:        GPL-3.0+
@@ -252,8 +252,8 @@ binary packages of the most current Samba version, and a bug reporting
 how to.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %if 0%{?suse_version} == 0 || 0%{?suse_version} > 1020
 
@@ -272,8 +272,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of Samba.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %endif
 %if 0%{?suse_version} && 0%{?suse_version} < 1001 || 0%{?suse_version} > 1110
@@ -297,8 +297,8 @@ This package contains all the Samba documentation as it is not part of
 the man pages.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %endif
 
@@ -319,8 +319,8 @@ Requires:       samba-client >= %{version}
 A wrapper binary to run smbspool with the original calling UID.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %if %{make_utils}
 
@@ -335,8 +335,8 @@ Obsoletes:      samba-gplv3-utils < %{version}
 Some of the debug-tools for developpers.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %endif
 
@@ -367,8 +367,8 @@ PreReq:         coreutils
 This is the winbind-daemon and the wbinfo-tool.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %if 0%{?suse_version} && 0%{?suse_version} < 1031
 
@@ -393,15 +393,15 @@ PreReq:         /sbin/ldconfig
 
 %description -n libsmbclient
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %else
 
 %description -n libsmbclient0
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %endif
 This package includes the libsmbclient library.
@@ -439,8 +439,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of the smbclient programming interface.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libnetapi0
 License:        GPL-3.0+
@@ -452,8 +452,8 @@ PreReq:         /sbin/ldconfig
 This package includes the netapi library.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libnetapi-devel
 License:        GPL-3.0+
@@ -471,8 +471,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of the netapi programming interface.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %if 0%{?suse_version} && 0%{?suse_version} < 1031
 
@@ -492,15 +492,15 @@ PreReq:         /sbin/ldconfig
 
 %description -n libsmbsharemodes
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %else
 
 %description -n libsmbsharemodes0
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %endif
 This package includes the smbsharemodes library.
@@ -525,8 +525,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of the smbsharemodes programming interface.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libwbclient0
 License:        LGPL-3.0+
@@ -538,8 +538,8 @@ PreReq:         /sbin/ldconfig
 This package includes the wbclient library.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libwbclient-devel
 License:        LGPL-3.0+
@@ -557,8 +557,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of the wbclient programming interface.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libtalloc2
 Version:        %{libtalloc_ver}
@@ -572,8 +572,8 @@ PreReq:         /sbin/ldconfig
 This package includes the talloc library.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libtalloc-devel
 Version:        %{libtalloc_ver}
@@ -593,8 +593,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of the talloc programming interface.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libtdb1
 Version:        %{libtdb_ver}
@@ -608,8 +608,8 @@ PreReq:         /sbin/ldconfig
 This package includes the tdb library.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libtdb-devel
 Version:        %{libtdb_ver}
@@ -625,8 +625,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of the tdb programming interface.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libtevent0
 Version:        %{libtevent_ver}
@@ -640,8 +640,8 @@ PreReq:         /sbin/ldconfig
 This package includes the tevent library.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libtevent-devel
 Version:        %{libtevent_ver}
@@ -662,8 +662,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of the tevent programming interface.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libldb1
 Version:        %{libldb_ver}
@@ -678,8 +678,8 @@ PreReq:         /sbin/ldconfig
 This package includes the ldb library.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %package -n libldb-devel
 Version:        %{libldb_ver}
@@ -700,8 +700,8 @@ This package contains the static libraries and header files needed to
 develop programs which make use of the tevent programming interface.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %if %{make_ldapsmb}
 
@@ -718,8 +718,8 @@ This tool aims to simplify the administration of a Samba Domain
 Controller that uses the ldapsam passdb backend.
 
 
-Source Timestamp: 2775
-Branch      : trunk
+Source Timestamp: 2784
+Branch      : 3.6.4
 
 %endif
 

vendor-files.tar.bz2

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:c335ebf5cedd6578c4d421f16fa63b0f33ece0b335425b3a6a967eee3992b5d4
-size 52736
+oid sha256:ca8408cb8520914d3e43ab83a0750df8dc10d96d641f3974d5e967bfb48afc15
+size 52510