- Update from version 4.18.4 to 4.18.5 - Update of rootfile not required - Changelog 4.18.5 This is a security release in order to address the following defects: o CVE-2022-2127: When winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in winbind and possibly crash it. https://www.samba.org/samba/security/CVE-2022-2127.html o CVE-2023-3347: SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. https://www.samba.org/samba/security/CVE-2023-3347.html o CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be triggered by an unauthenticated attacker by issuing a malformed RPC request. https://www.samba.org/samba/security/CVE-2023-34966.html o CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service for Spotlight can be used by an unauthenticated attacker to trigger a process crash in a shared RPC mdssvc worker process. https://www.samba.org/samba/security/CVE-2023-34967.html o CVE-2023-34968: As part of the Spotlight protocol Samba discloses the server- side absolute path of shares and files and directories in search results. https://www.samba.org/samba/security/CVE-2023-34968.html o Ralph Boehme slow@samba.org * BUG 15072: CVE-2022-2127. * BUG 15340: CVE-2023-34966. * BUG 15341: CVE-2023-34967. * BUG 15388: CVE-2023-34968. * BUG 15397: CVE-2023-3347. o Volker Lendecke vl@samba.org * BUG 15072: CVE-2022-2127. o Stefan Metzmacher metze@samba.org * BUG 15418: Secure channel faulty since Windows 10/11 update 07/2023.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/samba | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/samba b/lfs/samba index 9e104f64a..99f211a3c 100644 --- a/lfs/samba +++ b/lfs/samba @@ -24,7 +24,7 @@
include Config
-VER = 4.18.4 +VER = 4.18.5 SUMMARY = A SMB/CIFS File, Print, and Authentication Server
THISAPP = samba-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = samba -PAK_VER = 94 +PAK_VER = 95
DEPS = avahi cups perl-Parse-Yapp perl-JSON
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 1f1aab7eb933111b9b1c72af8c3dd379fe34014085129e9d5cc400b4e434742e1c08ad4fdf2a98291d6063ce9b2ddc811e9ab5dbb133a85e97f2158f83dd7c96 +$(DL_FILE)_BLAKE2 = 24c625372c6e4f7f4393777991221f7a7ad25513717436491ea3238c8d588e738eb1a64791606f691b3608362b3f3741f390f08975b2b0578c497984a4d44392
install : $(TARGET)