From 46d285235bd93ead02af39450c981179df9aa444 Mon Sep 17 00:00:00 2001 From: zhengruoqin Date: Tue, 21 Dec 2021 08:07:56 +0800 Subject: [PATCH] samba: upgrade 4.14.10 -> 4.14.11 Changelog: ============ There have been a few regressions in the security release 4.14.10: o CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html PLEASE [RE-]READ! The instructions have been updated and some workarounds initially adviced for 4.14.10 are no longer required and should be reverted in most cases. o BUG-14902: User with multiple spaces (eg Fred<space><space>Nurk) become un-deletable. While this release should fix this bug, it is adviced to have a look at the bug report for more detailed information, see https://bugzilla.samba.org/show_bug.cgi?id=14902. Changes since 4.14.10 --------------------- * BUG 14878: Recursive directory delete with veto files is broken. * BUG 14879: A directory containing dangling symlinks cannot be deleted by SMB2 alone when they are the only entry in the directory. * BUG 14656: Spaces incorrectly collapsed in ldb attributes. * BUG 14694: Ensure that the LDB request has not timed out during filter processing as the LDAP server MaxQueryDuration is otherwise not honoured. * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired side effects for the local nt token. * BUG 14902: User with multiple spaces (eg Fred<space><space>Nurk) become un- deletable. * BUG 14127: Avoid storing NTTIME_THAW (-2) as value on disk * BUG 14922: Kerberos authentication on standalone server in MIT realm broken. * BUG 14923: Segmentation fault when joining the domain. * BUG 14903: Support for ROLE_IPA_DC is incomplete. * BUG 14788: Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before smbd_smb2_ioctl_send. * BUG 14899: winbindd doesn't start when "allow trusted domains" is off. * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired side effects for the local nt token. * BUG 14694: Ensure that the LDB request has not timed out during filter processing as the LDAP server MaxQueryDuration is otherwise not honoured. * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired side effects for the local nt token. Signed-off-by: Zheng Ruoqin Signed-off-by: Khem Raj --- .../samba/{samba_4.14.10.bb => samba_4.14.11.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta-networking/recipes-connectivity/samba/{samba_4.14.10.bb => samba_4.14.11.bb} (99%) diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.10.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.11.bb similarity index 99% rename from meta-networking/recipes-connectivity/samba/samba_4.14.10.bb rename to meta-networking/recipes-connectivity/samba/samba_4.14.11.bb index d51ec54d5c..0e125891e9 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.10.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.11.bb @@ -31,8 +31,7 @@ SRC_URI:append:libc-musl = " \ file://samba-fix-musl-lib-without-innetgr.patch \ " -SRC_URI[md5sum] = "02a3ae53a9c3feb2f3c5b97141b7a8cc" -SRC_URI[sha256sum] = "107ee862f58062682cec362ec68a24251292805f89aa4c97e7ab80237f91c7af" +SRC_URI[sha256sum] = "3d9ebbf3280c7cf5eac1b15aeff8857b31151abaec4d2987be015a66c2945d98" UPSTREAM_CHECK_REGEX = "samba\-(?P4\.14(\.\d+)+).tar.gz"