[meta-networking,2/2] samba: upgrade 4.10.15 -> 4.10.17

Submitted by Yi Zhao on July 29, 2020, 9:35 a.m. | Patch ID: 174864

Details

Message ID 20200729093513.6782-2-yi.zhao@windriver.com
State Changes Requested
Commit c17a546af5e67534155f06cae030d046b461131e
Headers show

Commit Message

Yi Zhao July 29, 2020, 9:35 a.m.
This is a security release in order to address the following defects:

CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
                DC LDAP Server with ASQ, VLV and paged_results.
CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
                excessive CPU
CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
                paged_results and VLV.
CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
 .../samba/{samba_4.10.15.bb => samba_4.10.17.bb}              | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-networking/recipes-connectivity/samba/{samba_4.10.15.bb => samba_4.10.17.bb} (99%)

Patch hide | download patch | download mbox

diff --git a/meta-networking/recipes-connectivity/samba/samba_4.10.15.bb b/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
similarity index 99%
rename from meta-networking/recipes-connectivity/samba/samba_4.10.15.bb
rename to meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
index 01250cb43..6b1e5a042 100644
--- a/meta-networking/recipes-connectivity/samba/samba_4.10.15.bb
+++ b/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
@@ -36,8 +36,8 @@  SRC_URI_append_libc-musl = " \
            file://0001-samba-fix-musl-lib-without-innetgr.patch \
           "
 
-SRC_URI[md5sum] = "67e9f6b8c5140475641bf5121c93b3d4"
-SRC_URI[sha256sum] = "0b8b62558b62fbb121015f28f40fae0f07522710b6bef77c508b51bb6914ced9"
+SRC_URI[md5sum] = "f69cac9ba5035ee60257520a209a0a83"
+SRC_URI[sha256sum] = "03dc9758e7bfa2faf7cdeb45b4d40997e2ee16a41e71996aa666bc069e70ba3e"
 
 UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.10(\.\d+)+).tar.gz"
 

Comments

Khem Raj July 31, 2020, 5:57 a.m.
this fails to build on musl see
https://errors.yoctoproject.org/Errors/Details/426320/ perhaps we need
patches from https://bugzilla.samba.org/show_bug.cgi?id=14415

On Wed, Jul 29, 2020 at 2:35 AM Yi Zhao <yi.zhao@windriver.com> wrote:
>
> This is a security release in order to address the following defects:
>
> CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
>                 DC LDAP Server with ASQ, VLV and paged_results.
> CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
>                 excessive CPU
> CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
>                 paged_results and VLV.
> CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
>
> Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
> ---
>  .../samba/{samba_4.10.15.bb => samba_4.10.17.bb}              | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>  rename meta-networking/recipes-connectivity/samba/{samba_4.10.15.bb => samba_4.10.17.bb} (99%)
>
> diff --git a/meta-networking/recipes-connectivity/samba/samba_4.10.15.bb b/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
> similarity index 99%
> rename from meta-networking/recipes-connectivity/samba/samba_4.10.15.bb
> rename to meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
> index 01250cb43..6b1e5a042 100644
> --- a/meta-networking/recipes-connectivity/samba/samba_4.10.15.bb
> +++ b/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
> @@ -36,8 +36,8 @@ SRC_URI_append_libc-musl = " \
>             file://0001-samba-fix-musl-lib-without-innetgr.patch \
>            "
>
> -SRC_URI[md5sum] = "67e9f6b8c5140475641bf5121c93b3d4"
> -SRC_URI[sha256sum] = "0b8b62558b62fbb121015f28f40fae0f07522710b6bef77c508b51bb6914ced9"
> +SRC_URI[md5sum] = "f69cac9ba5035ee60257520a209a0a83"
> +SRC_URI[sha256sum] = "03dc9758e7bfa2faf7cdeb45b4d40997e2ee16a41e71996aa666bc069e70ba3e"
>
>  UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.10(\.\d+)+).tar.gz"
>
> --
> 2.17.1
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#86063): https://lists.openembedded.org/g/openembedded-devel/message/86063
Mute This Topic: https://lists.openembedded.org/mt/75861590/3617530
Group Owner: openembedded-devel+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub  [oe-patchwork@oe-patch.openembedded.org]
-=-=-=-=-=-=-=-=-=-=-=-
Yi Zhao July 31, 2020, 8:18 a.m.
On 7/31/20 1:57 PM, Khem Raj wrote:
> this fails to build on musl see
> https://errors.yoctoproject.org/Errors/Details/426320/ perhaps we need
> patches from https://bugzilla.samba.org/show_bug.cgi?id=14415


Thanks. I will send V2.


//Yi


>
> On Wed, Jul 29, 2020 at 2:35 AM Yi Zhao <yi.zhao@windriver.com> wrote:
>> This is a security release in order to address the following defects:
>>
>> CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
>>                  DC LDAP Server with ASQ, VLV and paged_results.
>> CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
>>                  excessive CPU
>> CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
>>                  paged_results and VLV.
>> CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
>>
>> Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
>> ---
>>   .../samba/{samba_4.10.15.bb => samba_4.10.17.bb}              | 4 ++--
>>   1 file changed, 2 insertions(+), 2 deletions(-)
>>   rename meta-networking/recipes-connectivity/samba/{samba_4.10.15.bb => samba_4.10.17.bb} (99%)
>>
>> diff --git a/meta-networking/recipes-connectivity/samba/samba_4.10.15.bb b/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
>> similarity index 99%
>> rename from meta-networking/recipes-connectivity/samba/samba_4.10.15.bb
>> rename to meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
>> index 01250cb43..6b1e5a042 100644
>> --- a/meta-networking/recipes-connectivity/samba/samba_4.10.15.bb
>> +++ b/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
>> @@ -36,8 +36,8 @@ SRC_URI_append_libc-musl = " \
>>              file://0001-samba-fix-musl-lib-without-innetgr.patch \
>>             "
>>
>> -SRC_URI[md5sum] = "67e9f6b8c5140475641bf5121c93b3d4"
>> -SRC_URI[sha256sum] = "0b8b62558b62fbb121015f28f40fae0f07522710b6bef77c508b51bb6914ced9"
>> +SRC_URI[md5sum] = "f69cac9ba5035ee60257520a209a0a83"
>> +SRC_URI[sha256sum] = "03dc9758e7bfa2faf7cdeb45b4d40997e2ee16a41e71996aa666bc069e70ba3e"
>>
>>   UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.10(\.\d+)+).tar.gz"
>>
>> --
>> 2.17.1
>>
>>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#86069): https://lists.openembedded.org/g/openembedded-devel/message/86069
Mute This Topic: https://lists.openembedded.org/mt/75861590/3617530
Group Owner: openembedded-devel+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub  [oe-patchwork@oe-patch.openembedded.org]
-=-=-=-=-=-=-=-=-=-=-=-