From 0d02e6c03c8d2e70d293f59701a654c76fd0e6b2 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Fri, 8 Nov 2019 11:24:49 +0800 Subject: [PATCH] samba: upgrade 4.10.8 -> 4.10.10 Security fixes: CVE-2019-10218: Client code can return filenames containing path separators. CVE-2019-14833: Samba AD DC check password script does not receive the full password. CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync. See: https://www.samba.org/samba/history/samba-4.10.10.html Signed-off-by: Yi Zhao Signed-off-by: Khem Raj --- .../samba/{samba_4.10.8.bb => samba_4.10.10.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-networking/recipes-connectivity/samba/{samba_4.10.8.bb => samba_4.10.10.bb} (98%) diff --git a/meta-networking/recipes-connectivity/samba/samba_4.10.8.bb b/meta-networking/recipes-connectivity/samba/samba_4.10.10.bb similarity index 98% rename from meta-networking/recipes-connectivity/samba/samba_4.10.8.bb rename to meta-networking/recipes-connectivity/samba/samba_4.10.10.bb index 4ab8b26c31..e002a9da5a 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.10.8.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.10.10.bb @@ -34,8 +34,8 @@ SRC_URI_append_libc-musl = " \ file://0001-samba-fix-musl-lib-without-innetgr.patch \ " -SRC_URI[md5sum] = "f3c722bbcd903479008fa1b529f56365" -SRC_URI[sha256sum] = "c41f05fb567f7359998b451543501c7690a2bf6551d658a76bd6916316a410f4" +SRC_URI[md5sum] = "dde27447f39d124efe18f719ccf956dd" +SRC_URI[sha256sum] = "700c734b51610e2feaa0d6744f9bec0c0d8917bca8cc78d5b63a4591f32866a5" UPSTREAM_CHECK_REGEX = "samba\-(?P4\.10(\.\d+)+).tar.gz"