diff options
| author | Yi Zhao <yi.zhao@windriver.com> | 2023-10-12 19:56:11 +0800 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2023-10-12 08:06:57 -0700 |
| commit | f674a9d4f9feb3afecdc81f4bced5469edc3bc71 (patch) | |
| tree | 402c8dcaeef5a4fdf856f0e45c6f9840b1733373 /meta-networking | |
| parent | 8bab5168788de6ba7c17630ddd1f191e19602472 (diff) | |
| download | meta-openembedded-f674a9d4f9feb3afecdc81f4bced5469edc3bc71.tar.gz | |
samba: upgrade 4.18.6 -> 4.18.8
This is a security release in order to address the following defects:
CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
existing unix domain sockets on the file system.
https://www.samba.org/samba/security/CVE-2023-3961.html
CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
OVERWRITE disposition when using the acl_xattr Samba VFS
module with the smb.conf setting
"acl_xattr:ignore system acls = yes"
https://www.samba.org/samba/security/CVE-2023-4091.html
CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
attributes, including secrets and passwords. Additionally,
the access check fails open on error conditions.
https://www.samba.org/samba/security/CVE-2023-4154.html
CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
server block for a user-defined amount of time, denying
service.
https://www.samba.org/samba/security/CVE-2023-42669.html
CVE-2023-42670: Samba can be made to start multiple incompatible RPC
listeners, disrupting service on the AD DC.
https://www.samba.org/samba/security/CVE-2023-42670.html
Release Notes:
https://www.samba.org/samba/history/samba-4.18.8.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking')
| -rw-r--r-- | meta-networking/recipes-connectivity/samba/samba_4.18.8.bb (renamed from meta-networking/recipes-connectivity/samba/samba_4.18.6.bb) | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-networking/recipes-connectivity/samba/samba_4.18.6.bb b/meta-networking/recipes-connectivity/samba/samba_4.18.8.bb index c40e10224..1ded9fe5e 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.18.6.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.18.8.bb | |||
| @@ -32,7 +32,7 @@ SRC_URI:append:libc-musl = " \ | |||
| 32 | file://cmocka-uintptr_t.patch \ | 32 | file://cmocka-uintptr_t.patch \ |
| 33 | " | 33 | " |
| 34 | 34 | ||
| 35 | SRC_URI[sha256sum] = "284c8a994ce989c87cd6808c390fcb9d00c36b21a0dc1a8a75474b67c9e715e7" | 35 | SRC_URI[sha256sum] = "4fb87bceaeb01d832a59046c197a044b7e8e8000581548b5d577a6cda03344d1" |
| 36 | 36 | ||
| 37 | UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.18(\.\d+)+).tar.gz" | 37 | UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.18(\.\d+)+).tar.gz" |
| 38 | 38 | ||