Message ID | 20231019170324.3594584-1-matthias.fischer@ipfire.org |
---|---|
State | Staged |
Commit | e1a68c27a091e1165aaa18ed47d763e81e8a8de4 |
Series | samba: Update to 4.19.2 |
Commit Message
Matthias Fischer
Oct. 19, 2023, 5:03 p.m. UTC
For details see:
v4.19.1. => https://www.samba.org/samba/history/samba-4.19.1.html
"
==============================
Release Notes for Samba 4.19.1
October 10, 2023
==============================
This is a security release in order to address the following defects:
o CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
existing unix domain sockets on the file system.
https://www.samba.org/samba/security/CVE-2023-3961.html
o CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
OVERWRITE disposition when using the acl_xattr Samba VFS
module with the smb.conf setting
"acl_xattr:ignore system acls = yes"
https://www.samba.org/samba/security/CVE-2023-4091.html
o CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
attributes, including secrets and passwords. Additionally,
the access check fails open on error conditions.
https://www.samba.org/samba/security/CVE-2023-4154.html
o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
server block for a user-defined amount of time, denying
service.
https://www.samba.org/samba/security/CVE-2023-42669.html
o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
listeners, disrupting service on the AD DC.
https://www.samba.org/samba/security/CVE-2023-42670.html"
v4.19.2 => https://www.samba.org/samba/history/samba-4.19.2.html
"Changes since 4.19.1
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 15423: Use-after-free in aio_del_req_from_fsp during smbd shutdown
after failed IPC FSCTL_PIPE_TRANSCEIVE.
* BUG 15426: clidfs.c do_connect() missing a "return" after a cli_shutdown()
call.
o Ralph Boehme <slow@samba.org>
* BUG 15463: macOS mdfind returns only 50 results.
o Volker Lendecke <vl@samba.org>
* BUG 15481: GETREALFILENAME_CACHE can modify incoming new filename with
previous cache entry value.
o Stefan Metzmacher <metze@samba.org>
* BUG 15464: libnss_winbind causes memory corruption since samba-4.18,
impacts sendmail, zabbix, potentially more.
o Martin Schwenke <mschwenke@ddn.com>
* BUG 15479: ctdbd: setproctitle not initialized messages flooding logs.
o Joseph Sutton <josephsutton@catalyst.net.nz>
* BUG 15491: CVE-2023-5568 Heap buffer overflow with freshness tokens in the
Heimdal KDC in Samba 4.19
* BUG 15477: The heimdal KDC doesn't detect s4u2self correctly when fast is
in use."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
config/rootfiles/packages/x86_64/samba | 1 -
lfs/samba | 6 +++---
2 files changed, 3 insertions(+), 4 deletions(-)
Comments
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>

On 19/10/2023 19:03, Matthias Fischer wrote:
> For details see:
>
> v4.19.1. => https://www.samba.org/samba/history/samba-4.19.1.html
> "
> ==============================
> Release Notes for Samba 4.19.1
> October 10, 2023
> ==============================
>
> This is a security release in order to address the following defects:
>
> o CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
> existing unix domain sockets on the file system.
> https://www.samba.org/samba/security/CVE-2023-3961.html
>
> o CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
> OVERWRITE disposition when using the acl_xattr Samba VFS
> module with the smb.conf setting
> "acl_xattr:ignore system acls = yes"
> https://www.samba.org/samba/security/CVE-2023-4091.html
>
> o CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
> attributes, including secrets and passwords. Additionally,
> the access check fails open on error conditions.
> https://www.samba.org/samba/security/CVE-2023-4154.html
>
> o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
> server block for a user-defined amount of time, denying
> service.
> https://www.samba.org/samba/security/CVE-2023-42669.html
>
> o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
> listeners, disrupting service on the AD DC.
> https://www.samba.org/samba/security/CVE-2023-42670.html"
>
> v4.19.2 => https://www.samba.org/samba/history/samba-4.19.2.html
> "Changes since 4.19.1
> --------------------
>
> o Jeremy Allison <jra@samba.org>
> * BUG 15423: Use-after-free in aio_del_req_from_fsp during smbd shutdown
> after failed IPC FSCTL_PIPE_TRANSCEIVE.
> * BUG 15426: clidfs.c do_connect() missing a "return" after a cli_shutdown()
> call.
>
> o Ralph Boehme <slow@samba.org>
> * BUG 15463: macOS mdfind returns only 50 results.
>
> o Volker Lendecke <vl@samba.org>
> * BUG 15481: GETREALFILENAME_CACHE can modify incoming new filename with
> previous cache entry value.
>
> o Stefan Metzmacher <metze@samba.org>
> * BUG 15464: libnss_winbind causes memory corruption since samba-4.18,
> impacts sendmail, zabbix, potentially more.
>
> o Martin Schwenke <mschwenke@ddn.com>
> * BUG 15479: ctdbd: setproctitle not initialized messages flooding logs.
>
> o Joseph Sutton <josephsutton@catalyst.net.nz>
> * BUG 15491: CVE-2023-5568 Heap buffer overflow with freshness tokens in the
> Heimdal KDC in Samba 4.19
> * BUG 15477: The heimdal KDC doesn't detect s4u2self correctly when fast is
> in use."
>
> Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
> ---
> config/rootfiles/packages/x86_64/samba | 1 -
> lfs/samba | 6 +++---
> 2 files changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/config/rootfiles/packages/x86_64/samba b/config/rootfiles/packages/x86_64/samba > index 4e5cee3a8..7a44b9cdb 100644 > --- a/config/rootfiles/packages/x86_64/samba > +++ b/config/rootfiles/packages/x86_64/samba > @@ -923,7 +923,6 @@ usr/libexec/samba/rpcd_epmapper > usr/libexec/samba/rpcd_fsrvp > usr/libexec/samba/rpcd_lsad > usr/libexec/samba/rpcd_mdssvc > -usr/libexec/samba/rpcd_rpcecho > usr/libexec/samba/rpcd_spoolss > usr/libexec/samba/rpcd_winreg > usr/libexec/samba/samba-bgqd > diff --git a/lfs/samba b/lfs/samba > index 77bb569cd..2f2184ecc 100644 > --- a/lfs/samba > +++ b/lfs/samba > @@ -24,7 +24,7 @@ > > include Config > > -VER = 4.19.0 > +VER = 4.19.2 > SUMMARY = A SMB/CIFS File, Print, and Authentication Server > > THISAPP = samba-$(VER) > @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) > DIR_APP = $(DIR_SRC)/$(THISAPP) > TARGET = $(DIR_INFO)/$(THISAPP) > PROG = samba > -PAK_VER = 96 > +PAK_VER = 97 > > DEPS = avahi cups perl-Parse-Yapp perl-JSON 
> > @@ -47,7 +47,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_BLAKE2 = 4e0db41d7d06e195cee994c5ec02a37892c1a7dd99ea9defb845fe2fbf96446846c469007218b6b0d6077c0886f0d08b2a4376acba1ed455b641daacd9018f12 > +$(DL_FILE)_BLAKE2 = cb3747f1be6e712c6e68f3720e68aee7db2e4dcc48a9210d002337d6690ed8b027919f333dc4a7c1e74b716ebceeff1d8071463899513edfe51da967d71d8148 > > install : $(TARGET) >
diff --git a/config/rootfiles/packages/x86_64/samba b/config/rootfiles/packages/x86_64/samba index 4e5cee3a8..7a44b9cdb 100644 --- a/config/rootfiles/packages/x86_64/samba +++ b/config/rootfiles/packages/x86_64/samba @@ -923,7 +923,6 @@ usr/libexec/samba/rpcd_epmapper usr/libexec/samba/rpcd_fsrvp usr/libexec/samba/rpcd_lsad usr/libexec/samba/rpcd_mdssvc -usr/libexec/samba/rpcd_rpcecho usr/libexec/samba/rpcd_spoolss usr/libexec/samba/rpcd_winreg usr/libexec/samba/samba-bgqd diff --git a/lfs/samba b/lfs/samba index 77bb569cd..2f2184ecc 100644 --- a/lfs/samba +++ b/lfs/samba @@ -24,7 +24,7 @@ include Config -VER = 4.19.0 +VER = 4.19.2 SUMMARY = A SMB/CIFS File, Print, and Authentication Server THISAPP = samba-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = samba -PAK_VER = 96 +PAK_VER = 97 DEPS = avahi cups perl-Parse-Yapp perl-JSON @@ -47,7 +47,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 4e0db41d7d06e195cee994c5ec02a37892c1a7dd99ea9defb845fe2fbf96446846c469007218b6b0d6077c0886f0d08b2a4376acba1ed455b641daacd9018f12 +$(DL_FILE)_BLAKE2 = cb3747f1be6e712c6e68f3720e68aee7db2e4dcc48a9210d002337d6690ed8b027919f333dc4a7c1e74b716ebceeff1d8071463899513edfe51da967d71d8148 install : $(TARGET)
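Review bot: the removal of "usr/libexec/samba/rpcd_rpcecho" in the rootfiles hunk is not explained anywhere in the commit message. The quoted release notes mention the rpcecho server only under CVE-2023-42669, so one sentence stating that this build no longer installs the binary would tell the reader the dropped entry is intended and not a packaging accident. The diffstat also shows only the x86_64 rootfile being touched; if other architectures carry their own samba rootfile, the same line needs to be removed there.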
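Review bot: the VER change in the first lfs/samba hunk goes from 4.19.0 straight to 4.19.2, so this one update is what delivers the 4.19.1 security fixes listed in the commit message as well as CVE-2023-5568 from 4.19.2. The title "samba: Update to 4.19.2" does not signal that; calling it a security update there would help whoever prioritises the merge and the release notes for the core update.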
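Review bot: the new "$(DL_FILE)_BLAKE2" value in the last lfs/samba hunk is what the build will trust for the tarball, and the "DL_FROM = $(URL_IPFIRE)" context line shows the file is fetched from the project mirror, not from samba.org. The commit message does not say how the digest was produced. It should be computed from a tarball whose upstream release signature has been verified, and stating that in the message lets a reviewer repeat the check before the patch is merged.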