* [Buildroot] [PATCH 1/1] package/samba4: security bump version to 4.18.5
@ 2023-07-19 20:10 Bernd Kuhls
2023-07-20 21:29 ` Thomas Petazzoni via buildroot
2023-08-26 17:41 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Bernd Kuhls @ 2023-07-19 20:10 UTC (permalink / raw)
To: buildroot
Release notes: https://www.samba.org/samba/history/samba-4.18.5.html
Fixes the following CVEs:
o CVE-2022-2127:
When winbind is used for NTLM authentication, a maliciously
crafted request can trigger an out-of-bounds read in winbind
and possibly crash it.
https://www.samba.org/samba/security/CVE-2022-2127.html
o CVE-2023-3347:
SMB2 packet signing is not enforced if an admin configured
"server signing = required" or for SMB2 connections to Domain
Controllers where SMB2 packet signing is mandatory.
https://www.samba.org/samba/security/CVE-2023-3347.html
o CVE-2023-34966:
An infinite loop bug in Samba's mdssvc RPC service for
Spotlight can be triggered by an unauthenticated attacker by
issuing a malformed RPC request.
https://www.samba.org/samba/security/CVE-2023-34966.html
o CVE-2023-34967:
Missing type validation in Samba's mdssvc RPC service for
Spotlight can be used by an unauthenticated attacker to
trigger a process crash in a shared RPC mdssvc worker process.
https://www.samba.org/samba/security/CVE-2023-34967.html
o CVE-2023-34968:
As part of the Spotlight protocol Samba discloses the server-
side absolute path of shares and files and directories in
search results.
https://www.samba.org/samba/security/CVE-2023-34968.html
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
package/samba4/samba4.hash | 4 ++--
package/samba4/samba4.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/samba4/samba4.hash b/package/samba4/samba4.hash
index cc7eee620f..1901707f3b 100644
--- a/package/samba4/samba4.hash
+++ b/package/samba4/samba4.hash
@@ -1,4 +1,4 @@
# Locally calculated after checking pgp signature
-# https://download.samba.org/pub/samba/stable/samba-4.18.4.tar.asc
-sha256 6ba7b3503cc59c9ff4f6fcb1b510c2c855fff93e0b366ab891a32a4732e88e53 samba-4.18.4.tar.gz
+# https://download.samba.org/pub/samba/stable/samba-4.18.5.tar.asc
+sha256 095256ac332e1d9fbf9b7ff7823f92a3233d3ed658ce7fc9b33905c2243f447f samba-4.18.5.tar.gz
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
diff --git a/package/samba4/samba4.mk b/package/samba4/samba4.mk
index a14cc63c01..edc0fee286 100644
--- a/package/samba4/samba4.mk
+++ b/package/samba4/samba4.mk
@@ -4,7 +4,7 @@
#
################################################################################
-SAMBA4_VERSION = 4.18.4
+SAMBA4_VERSION = 4.18.5
SAMBA4_SITE = https://download.samba.org/pub/samba/stable
SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
SAMBA4_INSTALL_STAGING = YES
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/samba4: security bump version to 4.18.5
2023-07-19 20:10 [Buildroot] [PATCH 1/1] package/samba4: security bump version to 4.18.5 Bernd Kuhls
@ 2023-07-20 21:29 ` Thomas Petazzoni via buildroot
2023-08-26 17:41 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni via buildroot @ 2023-07-20 21:29 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
On Wed, 19 Jul 2023 22:10:05 +0200
Bernd Kuhls <bernd@kuhls.net> wrote:
> Release notes: https://www.samba.org/samba/history/samba-4.18.5.html
>
> Fixes the following CVEs:
>
> o CVE-2022-2127:
> When winbind is used for NTLM authentication, a maliciously
> crafted request can trigger an out-of-bounds read in winbind
> and possibly crash it.
> https://www.samba.org/samba/security/CVE-2022-2127.html
>
> o CVE-2023-3347:
> SMB2 packet signing is not enforced if an admin configured
> "server signing = required" or for SMB2 connections to Domain
> Controllers where SMB2 packet signing is mandatory.
> https://www.samba.org/samba/security/CVE-2023-3347.html
>
> o CVE-2023-34966:
> An infinite loop bug in Samba's mdssvc RPC service for
> Spotlight can be triggered by an unauthenticated attacker by
> issuing a malformed RPC request.
> https://www.samba.org/samba/security/CVE-2023-34966.html
>
> o CVE-2023-34967:
> Missing type validation in Samba's mdssvc RPC service for
> Spotlight can be used by an unauthenticated attacker to
> trigger a process crash in a shared RPC mdssvc worker process.
> https://www.samba.org/samba/security/CVE-2023-34967.html
>
> o CVE-2023-34968:
> As part of the Spotlight protocol Samba discloses the server-
> side absolute path of shares and files and directories in
> search results.
> https://www.samba.org/samba/security/CVE-2023-34968.html
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ---
> package/samba4/samba4.hash | 4 ++--
> package/samba4/samba4.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/samba4: security bump version to 4.18.5
2023-07-19 20:10 [Buildroot] [PATCH 1/1] package/samba4: security bump version to 4.18.5 Bernd Kuhls
2023-07-20 21:29 ` Thomas Petazzoni via buildroot
@ 2023-08-26 17:41 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2023-08-26 17:41 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
>>>>> "Bernd" == Bernd Kuhls <bernd@kuhls.net> writes:
> Release notes: https://www.samba.org/samba/history/samba-4.18.5.html
> Fixes the following CVEs:
> o CVE-2022-2127:
> When winbind is used for NTLM authentication, a maliciously
> crafted request can trigger an out-of-bounds read in winbind
> and possibly crash it.
> https://www.samba.org/samba/security/CVE-2022-2127.html
> o CVE-2023-3347:
> SMB2 packet signing is not enforced if an admin configured
> "server signing = required" or for SMB2 connections to Domain
> Controllers where SMB2 packet signing is mandatory.
> https://www.samba.org/samba/security/CVE-2023-3347.html
> o CVE-2023-34966:
> An infinite loop bug in Samba's mdssvc RPC service for
> Spotlight can be triggered by an unauthenticated attacker by
> issuing a malformed RPC request.
> https://www.samba.org/samba/security/CVE-2023-34966.html
> o CVE-2023-34967:
> Missing type validation in Samba's mdssvc RPC service for
> Spotlight can be used by an unauthenticated attacker to
> trigger a process crash in a shared RPC mdssvc worker process.
> https://www.samba.org/samba/security/CVE-2023-34967.html
> o CVE-2023-34968:
> As part of the Spotlight protocol Samba discloses the server-
> side absolute path of shares and files and directories in
> search results.
> https://www.samba.org/samba/security/CVE-2023-34968.html
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Looks like the 4.15.x version is EOL, so applied to 2023.02.x and
2023.05.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-08-26 17:41 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-19 20:10 [Buildroot] [PATCH 1/1] package/samba4: security bump version to 4.18.5 Bernd Kuhls
2023-07-20 21:29 ` Thomas Petazzoni via buildroot
2023-08-26 17:41 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox