From mboxrd@z Thu Jan 1 00:00:00 1970 
From: Adolf Belka
To: development@lists.ipfire.org
Subject: [PATCH] samba: Update to version 4.18.5
Date: Tue, 25 Jul 2023 16:37:17 +0200
Message-ID: <20230725143717.3458626-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2663710299349638786=="
List-Id:

--===============2663710299349638786==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

- Update from version 4.18.4 to 4.18.5
- Update of rootfile not required
- Changelog
    4.18.5
      This is a security release in order to address the following defects:
      o CVE-2022-2127:  When winbind is used for NTLM authentication, a
                        maliciously crafted request can trigger an
                        out-of-bounds read in winbind and possibly crash it.
                        https://www.samba.org/samba/security/CVE-2022-2127.html
      o CVE-2023-3347:  SMB2 packet signing is not enforced if an admin
                        configured "server signing = required" or for SMB2
                        connections to Domain Controllers where SMB2 packet
                        signing is mandatory.
                        https://www.samba.org/samba/security/CVE-2023-3347.html
      o CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service for
                        Spotlight can be triggered by an unauthenticated
                        attacker by issuing a malformed RPC request.
                        https://www.samba.org/samba/security/CVE-2023-34966.html
      o CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service
                        for Spotlight can be used by an unauthenticated
                        attacker to trigger a process crash in a shared RPC
                        mdssvc worker process.
                        https://www.samba.org/samba/security/CVE-2023-34967.html
      o CVE-2023-34968: As part of the Spotlight protocol Samba discloses the
                        server-side absolute path of shares and files and
                        directories in search results.
                        https://www.samba.org/samba/security/CVE-2023-34968.html
      o Ralph Boehme
        * BUG 15072: CVE-2022-2127.
        * BUG 15340: CVE-2023-34966.
        * BUG 15341: CVE-2023-34967.
        * BUG 15388: CVE-2023-34968.
        * BUG 15397: CVE-2023-3347.
      o Volker Lendecke
        * BUG 15072: CVE-2022-2127.
o Stefan Metzmacher * BUG 15418: Secure channel faulty since Windows 10/11 update 07/2023. Signed-off-by: Adolf Belka --- lfs/samba | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/samba b/lfs/samba index 9e104f64a..99f211a3c 100644 --- a/lfs/samba +++ b/lfs/samba @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 4.18.4 +VER =3D 4.18.5 SUMMARY =3D A SMB/CIFS File, Print, and Authentication Server =20 THISAPP =3D samba-$(VER) @@ -33,7 +33,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D samba -PAK_VER =3D 94 +PAK_VER =3D 95 =20 DEPS =3D avahi cups perl-Parse-Yapp perl-JSON =20 @@ -47,7 +47,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_BLAKE2 =3D 1f1aab7eb933111b9b1c72af8c3dd379fe34014085129e9d5cc400= b4e434742e1c08ad4fdf2a98291d6063ce9b2ddc811e9ab5dbb133a85e97f2158f83dd7c96 +$(DL_FILE)_BLAKE2 =3D 24c625372c6e4f7f4393777991221f7a7ad25513717436491ea323= 8c8d588e738eb1a64791606f691b3608362b3f3741f390f08975b2b0578c497984a4d44392 =20 install : $(TARGET) =20 --=20 2.41.0 --===============2663710299349638786==--
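
Review bot: In the last hunk, the $(DL_FILE)_BLAKE2 line gets a new digest, but with DL_FROM set to $(URL_IPFIRE) that digest only binds the build to whatever archive was uploaded to the IPFire source mirror, and the commit message does not say how that archive was obtained or checked. Suggest adding a line to the commit message stating that the samba-4.18.5 source archive was verified against the upstream Samba release signature before the BLAKE2 value was computed, so that a reviewer can reproduce the digest independently of the mirror.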