aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Peter Korsgaard <peter@korsgaard.com>2019-04-08 12:49:52 +0200
committerGravatar Thomas Petazzoni <thomas.petazzoni@bootlin.com>2019-04-10 15:58:19 +0200
commit8a662ae308586e60ae65114750a014b52b5969e0 (patch)
tree5921a9cc9ead850df09d0facb4e5a69d7f6dfd63
parente38641851a1bc334e6fb0a019ccf3af91098182f (diff)
downloadbuildroot-8a662ae308586e60ae65114750a014b52b5969e0.tar.gz
buildroot-8a662ae308586e60ae65114750a014b52b5969e0.tar.bz2
package/samba4: security bump to version 4.9.6
Fixes the following security vulnerabilities: - CVE-2019-3870: During the provision of a new Active Directory DC, some files in the private/ directory are created world-writable. https://www.samba.org/samba/security/CVE-2019-3870.html - CVE-2019-3880: Authenticated users with write permission can trigger a symlink traversal to write or detect files outside the Samba share. https://www.samba.org/samba/security/CVE-2019-3880.html For more details, see the release notes: https://www.samba.org/samba/history/samba-4.9.6.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-rw-r--r--package/samba4/samba4.hash4
-rw-r--r--package/samba4/samba4.mk2
2 files changed, 3 insertions, 3 deletions
diff --git a/package/samba4/samba4.hash b/package/samba4/samba4.hash
index 70cea4809b..7762456cfd 100644
--- a/package/samba4/samba4.hash
+++ b/package/samba4/samba4.hash
@@ -1,4 +1,4 @@
# Locally calculated after checking pgp signature
-# https://download.samba.org/pub/samba/stable/samba-4.9.5.tar.asc
-sha256 078956d2d98e22011265afd4b7221efe4861067dcba4a031583b01f34d423700 samba-4.9.5.tar.gz
+# https://download.samba.org/pub/samba/stable/samba-4.9.6.tar.asc
+sha256 c9205a651a83d69e200fec9dd65e9fa360f0c75ab3275b3dcb74e5cbaec60807 samba-4.9.6.tar.gz
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
diff --git a/package/samba4/samba4.mk b/package/samba4/samba4.mk
index 9b226a0e05..3f16b5be4a 100644
--- a/package/samba4/samba4.mk
+++ b/package/samba4/samba4.mk
@@ -4,7 +4,7 @@
#
################################################################################
-SAMBA4_VERSION = 4.9.5
+SAMBA4_VERSION = 4.9.6
SAMBA4_SITE = https://download.samba.org/pub/samba/stable
SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
SAMBA4_INSTALL_STAGING = YES