From 8ed14c465588b03bfccdd13709aee486f1fea60b748af59505701fcb83b76ae2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20M=C3=BCller?= <lmuelle@suse.com>
Date: Wed, 13 Nov 2013 15:49:07 +0000
Subject: [PATCH] - Update to 4.1.1.   + ACLs are not checked on opening an
 alternate data stream on a file or     directory; CVE-2013-4475; (bso#10229);
 (bnc#848101).   + Private key in key.pem world readable; CVE-2013-4476;
 (bnc#848103).

- Private key in key.pem world readable; CVE-2013-4476; (bnc#848103).

- ACLs are not checked on opening an alternate data stream on a file or
  directory; CVE-2013-4475; (bso#10229); (bnc#848101).

OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=347
---
 patches.tar.bz2                            |  4 ++--
 samba-4.1.0.tar.gz                         |  3 ---
 samba-4.1.0.tar.asc => samba-4.1.1.tar.asc |  6 +++---
 samba-4.1.1.tar.gz                         |  3 +++
 samba.changes                              | 19 +++++++++++++++++++
 samba.spec                                 |  6 +++---
 vendor-files.tar.bz2                       |  4 ++--
 7 files changed, 32 insertions(+), 13 deletions(-)
 delete mode 100644 samba-4.1.0.tar.gz
 rename samba-4.1.0.tar.asc => samba-4.1.1.tar.asc (50%)
 create mode 100644 samba-4.1.1.tar.gz

diff --git a/patches.tar.bz2 b/patches.tar.bz2
index 77f5681..f87dec3 100644
--- a/patches.tar.bz2
+++ b/patches.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:de873e3090b06d4fff3abb6a9d064b9968c3581d51bd2854c4d5d9ff0dd36d4d
-size 25695
+oid sha256:831f2da9ea8568f14cacb9ee84c10b452beb14617404ae6142087d918ed785bc
+size 25738
diff --git a/samba-4.1.0.tar.gz b/samba-4.1.0.tar.gz
deleted file mode 100644
index 5a1838c..0000000
--- a/samba-4.1.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ca56ed4fc34cea8198d79ebbfe9ca555eedd884ed24da9348f439910c28c5f12
-size 23149430
diff --git a/samba-4.1.0.tar.asc b/samba-4.1.1.tar.asc
similarity index 50%
rename from samba-4.1.0.tar.asc
rename to samba-4.1.1.tar.asc
index 0a7a790..0752c79 100644
--- a/samba-4.1.0.tar.asc
+++ b/samba-4.1.1.tar.asc
@@ -1,7 +1,7 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
-iD8DBQBSVQ4pbzORW2Vot+oRAkxhAJ47OF095zFV4RIzDn0PUHQfie/bfwCeJ8oQ
-Bfk88b6aeucH9NGcLO018uM=
-=36fM
+iD8DBQBSfLhObzORW2Vot+oRAtNfAKCtFzfpibC87ju8uAw76ZHIhlzmRACfRxvL
+NAhsNno8xxRg8dal9rTcmkc=
+=kXtM
 -----END PGP SIGNATURE-----
diff --git a/samba-4.1.1.tar.gz b/samba-4.1.1.tar.gz
new file mode 100644
index 0000000..f907df1
--- /dev/null
+++ b/samba-4.1.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c70c343f5bcd2bfe3f4b55860e680a6ed70ce30106c8aa16ef89f8a1a85e2628
+size 23152191
diff --git a/samba.changes b/samba.changes
index 5e954a9..3ff341b 100644
--- a/samba.changes
+++ b/samba.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Wed Nov 13 15:16:03 UTC 2013 - lmuelle@suse.com
+
+- Update to 4.1.1.
+  + ACLs are not checked on opening an alternate data stream on a file or
+    directory; CVE-2013-4475; (bso#10229); (bnc#848101).
+  + Private key in key.pem world readable; CVE-2013-4476; (bnc#848103).
+
+-------------------------------------------------------------------
+Sun Nov 10 18:16:56 UTC 2013 - lmuelle@suse.com
+
+- Private key in key.pem world readable; CVE-2013-4476; (bnc#848103).
+
+-------------------------------------------------------------------
+Wed Oct 30 14:11:42 UTC 2013 - lmuelle@suse.com
+
+- ACLs are not checked on opening an alternate data stream on a file or
+  directory; CVE-2013-4475; (bso#10229); (bnc#848101).
+
 -------------------------------------------------------------------
 Fri Oct 11 08:58:29 UTC 2013 - lmuelle@suse.com
 
diff --git a/samba.spec b/samba.spec
index 349ed90..13cfde2 100644
--- a/samba.spec
+++ b/samba.spec
@@ -108,7 +108,7 @@ BuildRequires:  libxslt-tools
 %if %suse_version > 1220
 BuildRequires:  gpg-offline
 %endif
-%define	samba_ver 4.1.0
+%define	samba_ver 4.1.1
 %define	samba_ver_suffix %nil
 %if "%{samba_ver_suffix}" == ""
 %define samba_source_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz
@@ -135,12 +135,12 @@ BuildRequires:  gpg-offline
 %else
 %define	build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-%define SOURCE_TIMESTAMP 3087
+%define SOURCE_TIMESTAMP 3109
 %define BRANCH %{version}
 %global with_mitkrb5 1
 %global with_dc 0
 %global with_get_printing_ticket 0
-Version:        4.1.0
+Version:        4.1.1
 Release:        0
 License:        GPL-3.0+
 Url:            http://www.samba.org/
diff --git a/vendor-files.tar.bz2 b/vendor-files.tar.bz2
index ccbaade..797c1cb 100644
--- a/vendor-files.tar.bz2
+++ b/vendor-files.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:9ad32db6a08ce3939c4ef2c085b8fcf241dee90ac18c09b99e8c76fb6f0535d7
-size 54192
+oid sha256:cfa99bef72fe35fafd5d7dedc24c23b5de25021b2b6417a5a7d4d366bf31a038
+size 54095