diff --git a/patches.tar.bz2 b/patches.tar.bz2 index bac1cd0..3c32129 100644 --- a/patches.tar.bz2 +++ b/patches.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:478260fef1d481e5855738953e1be347a4e40707f3558df2296403435fa3871d -size 29327 +oid sha256:3af5090525b5ad700a476a87b5dd204ac73a0e5c69ae4106e1688e9325ec5bb7 +size 29365 diff --git a/samba-4.3.2.tar.asc b/samba-4.3.2.tar.asc deleted file mode 100644 index 0d5ea9a..0000000 --- a/samba-4.3.2.tar.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iD8DBQBWXV9BbzORW2Vot+oRAq47AKCVt9x8RSB7klEcd/hGIcsZ/iQ+ZgCfRvAS -S6lmXrzxZ62yDKnlOXq5bTY= -=wfn1 ------END PGP SIGNATURE----- diff --git a/samba-4.3.2.tar.gz b/samba-4.3.2.tar.gz deleted file mode 100644 index 4298009..0000000 --- a/samba-4.3.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:61989195caadf0f6fb51ce6bed5e203e6146facc2c276a26ad41901ad9129a75 -size 20425622 diff --git a/samba-4.3.3.tar.asc b/samba-4.3.3.tar.asc new file mode 100644 index 0000000..793a605 --- /dev/null +++ b/samba-4.3.3.tar.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iD8DBQBWaWgFbzORW2Vot+oRAtnwAJ0f3MAti7KVNg+R04BJEBl4zBVyXACfeAus +vmEQRaNHbsqOslrw40hKTcY= +=4i4d +-----END PGP SIGNATURE----- diff --git a/samba-4.3.3.tar.gz b/samba-4.3.3.tar.gz new file mode 100644 index 0000000..d808870 --- /dev/null +++ b/samba-4.3.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e62d21313acbb29e24b0b80aaf2b63fdd1ccce4cfb741f333deca95a1a3a70df +size 20427281 diff --git a/samba.changes b/samba.changes index 94ddaf0..06b5d6e 100644 --- a/samba.changes +++ b/samba.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Fri Dec 11 16:49:16 UTC 2015 - lmuelle@suse.com + +- Update to 4.3.3. + + Malicious request can cause Samba LDAP server to hang, spinning using CPU; + CVE-2015-3223; (bso#11325); (bnc#958581). + + Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599); + (bnc#958586). + + Insufficient symlink verification (file access outside the share); + CVE-2015-5252; (bso#11395); (bnc#958582). + + No man in the middle protection when forcing smb encryption on the client + side; CVE-2015-5296; (bso#11536); (bnc#958584). + + Currently the snapshot browsing is not secure thru windows previous version + (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583). + + Fix Microsoft MS15-096 to prevent machine accounts from being changed into + user accounts; CVE-2015-8467; (bso#11552); (bnc#958585). + ------------------------------------------------------------------- Tue Dec 1 16:48:13 UTC 2015 - lmuelle@suse.com diff --git a/samba.spec b/samba.spec index 0880c5c..42253e7 100644 --- a/samba.spec +++ b/samba.spec @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -122,14 +122,14 @@ BuildRequires: libavahi-devel BuildRequires: systemd BuildRequires: systemd-devel %endif -%define samba_ver 4.3.2 +%define samba_ver 4.3.3 %define samba_ver_suffix %nil %if "%{samba_ver_suffix}" == "" -%define samba_source_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz -%define samba_source_signature_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.asc +%define samba_source_location https://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz +%define samba_source_signature_location https://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.asc %else -%define samba_source_location http://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.gz -%define samba_source_signature_location http://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.asc +%define samba_source_location https://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.gz +%define samba_source_signature_location https://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.asc %endif %define samba_ver_full %{samba_ver}%{samba_ver_suffix} %if 0%{?suse_version} && 0%{?suse_version} < 1031 @@ -144,13 +144,13 @@ BuildRequires: systemd-devel %else %define build_make_smp_mflags %{?jobs:-j%jobs} %endif -%define SOURCE_TIMESTAMP 3535 +%define SOURCE_TIMESTAMP 3552 %define BRANCH %{version} %global with_mitkrb5 1 %global with_dc 0 -Version: 4.3.2 +Version: 4.3.3 Release: 0 -Url: http://www.samba.org/ +Url: https://www.samba.org/ Provides: samba-gplv3 = %{version} Obsoletes: samba-gplv3 < %{version} %if 0%{?suse_version} > 1030 @@ -238,9 +238,9 @@ a server. The binaries expect the configuration file to be found in /etc/samba/smb.conf For a more detailed description of Samba, check the samba-doc package -or the Samba.org Web page at http://www.Samba.org/ +or the Samba.org Web page at https://www.Samba.org/ -Please check http://en.openSUSE.org/Samba for general information on +Please check https://en.openSUSE.org/Samba for general information on Samba as part of SUSE Linux Enterprise or openSUSE products, links to binary packages of the most current Samba version, and a bug reporting how to. @@ -277,9 +277,9 @@ act as a Samba client. The binaries expect the configuration file to be found in /etc/samba/smb.conf For a more detailed description of Samba, check the samba-doc package -or the Samba.org Web page at http://www.Samba.org/ +or the Samba.org Web page at https://www.Samba.org/ -Please check http://en.openSUSE.org/Samba for general information on +Please check https://en.openSUSE.org/Samba for general information on Samba as part of SUSE Linux Enterprise or openSUSE products, links to binary packages of the most current Samba version, and a bug reporting how to. diff --git a/vendor-files.tar.bz2 b/vendor-files.tar.bz2 index 53a3875..82ef41f 100644 --- a/vendor-files.tar.bz2 +++ b/vendor-files.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:d0d7c9b656193c2a8d439b6f7cc9fccb9031ea457ed835c1594bbe6546d519f1 -size 53061 +oid sha256:db58877d59dbe26e26b5073034e5510f4d6c841e71024badfb4167b705d6e385 +size 52885