aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Bernd Kuhls <bernd.kuhls@t-online.de>2017-07-13 22:03:48 +0200
committerGravatar Peter Korsgaard <peter@korsgaard.com>2017-07-19 16:32:43 +0200
commit7acbe4e952f8375e9d2ae80b00e5275fe59e6458 (patch)
tree5429cb7d87f2f6fd6c294e4e52b389df2a03cd02
parent4f04881f1b7e1f749964f4f0e3250d6d85d0c47d (diff)
downloadbuildroot-7acbe4e952f8375e9d2ae80b00e5275fe59e6458.tar.gz
buildroot-7acbe4e952f8375e9d2ae80b00e5275fe59e6458.tar.bz2
package/samba4: security bump to version 4.5.12
Fixes CVE-2017-11103: All versions of Samba from 4.0.0 onwards using embedded Heimdal Kerberos are vulnerable to a man-in-the-middle attack impersonating a trusted server, who may gain elevated access to the domain by returning malicious replication or authorization data. Samba binaries built against MIT Kerberos are not vulnerable. https://www.samba.org/samba/history/samba-4.5.12.html [Peter: add CVE info] Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit f97510659f914ee51c0f32e82664179a69ab17ba) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r--package/samba4/samba4.hash2
-rw-r--r--package/samba4/samba4.mk2
2 files changed, 2 insertions, 2 deletions
diff --git a/package/samba4/samba4.hash b/package/samba4/samba4.hash
index a16d834700..0783b37d06 100644
--- a/package/samba4/samba4.hash
+++ b/package/samba4/samba4.hash
@@ -1,2 +1,2 @@
# Locally calculated
-sha256 7cb753f5f6d5527ef40d4c1f47dacafb7c876cb304b4906ccb390c6a18477714 samba-4.5.10.tar.gz
+sha256 f4c17123e3cc852a5ecc7e38884b00deab57632b9519aebc243e2a94b9b5ace4 samba-4.5.12.tar.gz
diff --git a/package/samba4/samba4.mk b/package/samba4/samba4.mk
index 93c45daa58..b370f02d0c 100644
--- a/package/samba4/samba4.mk
+++ b/package/samba4/samba4.mk
@@ -4,7 +4,7 @@
#
################################################################################
-SAMBA4_VERSION = 4.5.10
+SAMBA4_VERSION = 4.5.12
SAMBA4_SITE = https://download.samba.org/pub/samba/stable
SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
SAMBA4_INSTALL_STAGING = YES