From 9ec2a5755d0db3b9af0daf72ff5f3a5fd3d7cf5b1c1588579225b96c03a60e30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lars=20M=C3=BCller?= Date: Tue, 11 Mar 2014 18:36:52 +0000 Subject: [PATCH] - Update to 4.1.6. + Password lockout not enforced for SAMR password changes; CVE-2013-4496; (bnc#849224). + smbcacls can remove a file or directory ACL by mistake; CVE-2013-6442; (bnc#855866). - Password lockout not enforced for SAMR password changes; CVE-2013-4496; (bnc#849224). - Call update-apparmor-samba-profile via ExecStartPre too; (bnc#867665). - samba4 smbcalcs --chown | --chgrp dacl regression; CVE-2013-6442; (bnc#855866). OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=391 --- patches.tar.bz2 | 4 ++-- samba-4.1.5.tar.asc | 7 ------- samba-4.1.5.tar.gz | 3 --- samba-4.1.6.tar.asc | 7 +++++++ samba-4.1.6.tar.gz | 3 +++ samba.changes | 26 ++++++++++++++++++++++++++ samba.spec | 8 +++++--- vendor-files.tar.bz2 | 4 ++-- 8 files changed, 45 insertions(+), 17 deletions(-) delete mode 100644 samba-4.1.5.tar.asc delete mode 100644 samba-4.1.5.tar.gz create mode 100644 samba-4.1.6.tar.asc create mode 100644 samba-4.1.6.tar.gz diff --git a/patches.tar.bz2 b/patches.tar.bz2 index 81d2d21..83727b0 100644 --- a/patches.tar.bz2 +++ b/patches.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a63586971aa52a0ce284686f2158e526f70d5442bc5a051b212e3465f287bf7e -size 187990 +oid sha256:bbe1aef11bebb2aefdcb8691bc2e5a4502ca1fd12404ea56f8784bb7e87e62b6 +size 188050 diff --git a/samba-4.1.5.tar.asc b/samba-4.1.5.tar.asc deleted file mode 100644 index 6aa442c..0000000 --- a/samba-4.1.5.tar.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.11 (GNU/Linux) - -iEYEABECAAYFAlMHHEcACgkQbzORW2Vot+pNiwCePohuvj4WvbYp0AmHW7HXkTD0 -ExgAn0Qq3LcJ2KBjX+s8gHk23yGtWA27 -=K+he ------END PGP SIGNATURE----- diff --git a/samba-4.1.5.tar.gz b/samba-4.1.5.tar.gz deleted file mode 100644 index e149019..0000000 --- a/samba-4.1.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d98c1554d6f857053557ff024c243df5d15dd9ca436d5804be4b0546ede94cc8 -size 23177512 diff --git a/samba-4.1.6.tar.asc b/samba-4.1.6.tar.asc new file mode 100644 index 0000000..676e3a8 --- /dev/null +++ b/samba-4.1.6.tar.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.11 (GNU/Linux) + +iEYEABECAAYFAlMe+FYACgkQbzORW2Vot+qW8gCgjsPfEKKZ6HYlyH0tErAUCTjU +wSUAnAou9AL9jlZ3C99q0KTi69Z5tkJU +=aw1W +-----END PGP SIGNATURE----- diff --git a/samba-4.1.6.tar.gz b/samba-4.1.6.tar.gz new file mode 100644 index 0000000..8ea65f1 --- /dev/null +++ b/samba-4.1.6.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6d3b25cb70acbd75352e1a6039093689ded373f6ac755c207635416786532e6b +size 23177462 diff --git a/samba.changes b/samba.changes index b022b00..fdd8060 100644 --- a/samba.changes +++ b/samba.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Tue Mar 11 18:07:47 UTC 2014 - lmuelle@suse.com + +- Update to 4.1.6. + + Password lockout not enforced for SAMR password changes; CVE-2013-4496; + (bnc#849224). + + smbcacls can remove a file or directory ACL by mistake; CVE-2013-6442; + (bnc#855866). + +------------------------------------------------------------------- +Tue Mar 11 13:10:59 UTC 2014 - lmuelle@suse.com + +- Password lockout not enforced for SAMR password changes; + CVE-2013-4496; (bnc#849224). + +------------------------------------------------------------------- +Tue Mar 11 10:21:46 UTC 2014 - lmuelle@suse.com + +- Call update-apparmor-samba-profile via ExecStartPre too; (bnc#867665). + +------------------------------------------------------------------- +Mon Mar 10 16:00:03 UTC 2014 - nopower@suse.com + +- samba4 smbcalcs --chown | --chgrp dacl regression; CVE-2013-6442; + (bnc#855866). + ------------------------------------------------------------------- Tue Mar 4 17:20:33 UTC 2014 - ddiss@suse.com diff --git a/samba.spec b/samba.spec index bc923e8..93e46cf 100644 --- a/samba.spec +++ b/samba.spec @@ -117,7 +117,7 @@ BuildRequires: dbus-1-devel BuildRequires: gpg-offline BuildRequires: systemd %endif -%define samba_ver 4.1.5 +%define samba_ver 4.1.6 %define samba_ver_suffix %nil %if "%{samba_ver_suffix}" == "" %define samba_source_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz @@ -144,12 +144,12 @@ BuildRequires: systemd %else %define build_make_smp_mflags %{?jobs:-j%jobs} %endif -%define SOURCE_TIMESTAMP 3195 +%define SOURCE_TIMESTAMP 3205 %define BRANCH %{version} %global with_mitkrb5 1 %global with_dc 0 %global with_get_printing_ticket 0 -Version: 4.1.5 +Version: 4.1.6 Release: 0 License: GPL-3.0+ Url: http://www.samba.org/ @@ -1366,6 +1366,8 @@ for srv_name in nmb smb winbind; do ${srv_name^^}DOPTIONS=\"-D\"\n" >>SUSE.sysconfig.${srv_name} ln -s ../../%{_sbindir}/service %{buildroot}/%{_sbindir}/rc${srv_name} done +sed -i -e "s@EnvironmentFile=-/etc/sysconfig/samba@EnvironmentFile=-/etc/sysconfig/samba\nExecStartPre=/usr/share/samba/update-apparmor-samba-profile@g" \ + %{buildroot}/%{_unitdir}/smb.service head -n 2 ../packaging/systemd/samba.sysconfig > \ %{buildroot}%_var/adm/fillup-templates/sysconfig.samba cat SUSE.sysconfig.{nmb,smb} >>\ diff --git a/vendor-files.tar.bz2 b/vendor-files.tar.bz2 index e6d640c..04c5f8e 100644 --- a/vendor-files.tar.bz2 +++ b/vendor-files.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:563d2592213f7a6a04ce5f8979c7a9a251a3910c053f4617193e7ea540836f74 -size 53843 +oid sha256:f01b85ae87c862f256f53fc8ac3f254eaa306a476af784e1990f6775b13d96f1 +size 53925