Lightly tested. Note that unix extensions = yes is the default.

==============================
Release Notes for Samba 4.1.23
March 8, 2015
==============================
This is a security release in order to address the following CVEs: o CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path) o CVE-2016-0771 (Out-of-bounds read in internal DNS server) ======= Details ======= o CVE-2015-7560: All versions of Samba from 3.2.0 to 4.4.0rc3 inclusive are vulnerable to a malicious client overwriting the ownership of ACLs using symlinks. An authenticated malicious client can use SMB1 UNIX extensions to create a symlink to a file or directory, and then use non-UNIX SMB1 calls to overwrite the contents of the ACL on the file or directory linked to. o CVE-2016-0771: All versions of Samba from 4.0.0 to 4.4.0rc3 inclusive, when deployed as an AD DC and choose to run the internal DNS server, are vulnerable to an out-of-bounds read issue during DNS TXT record handling caused by users with permission to modify DNS records. A malicious client can upload a specially constructed DNS TXT record, resulting in a remote denial-of-service attack. As long as the affected TXT record remains undisturbed in the Samba database, a targeted DNS query may continue to trigger this exploit. While unlikely, the out-of-bounds read may bypass safety checks and allow leakage of memory from the server in the form of a DNS TXT reply. By default only authenticated accounts can upload DNS records, as "allow dns updates = secure only" is the default. Any other value would allow anonymous clients to trigger this bug, which is a much higher risk. ok? Index: Makefile =================================================================== RCS file: /cvs/ports/net/samba/Makefile,v retrieving revision 1.215 diff -u -p -r1.215 Makefile --- Makefile 18 Jan 2016 12:10:51 -0000 1.215 +++ Makefile 8 Mar 2016 18:24:44 -0000 @@ -1,7 +1,7 @@ # $OpenBSD: Makefile,v 1.215 2016/01/18 12:10:51 sthen Exp $ SHARED_ONLY = Yes -VERSION = 4.1.22 +VERSION = 4.1.23 DISTNAME = samba-${VERSION} DOCSVERSION = v3-5-test-4c5a1b6b DISTFILES = ${DISTNAME}${EXTRACT_SUFX} \ 
@@ -19,10 +19,8 @@ PKGNAME-tevent = tevent-${TEVENT_V} PKGNAME-util = samba-util-${VERSION} PKGNAME-docs = samba-docs-${VERSION} -REVISION-main = 0 -REVISION-ldb = 6 -REVISION-tevent = 5 -REVISION-util = 0 +REVISION-ldb = 7 +REVISION-tevent = 6 PKG_ARCH-docs = * Index: distinfo =================================================================== RCS file: /cvs/ports/net/samba/distinfo,v retrieving revision 1.45 diff -u -p -r1.45 distinfo --- distinfo 23 Dec 2015 12:37:21 -0000 1.45 +++ distinfo 8 Mar 2016 16:40:20 -0000 @@ -1,4 +1,4 @@ -SHA256 (samba-4.1.22.tar.gz) = VWOhyUotrIN8z/0fCCG7JeCXr/qnOJ/vGG+c+zSGz+U= +SHA256 (samba-4.1.23.tar.gz) = LDMpG/VFS6Bei1/cLFfuAQz0TQd+V6MHrS576frCfNI= SHA256 (samba-docs-v3-5-test-4c5a1b6b.tar.bz2) = bsF0WP1KT1M3jMx3Z88MbsEQ1QEq9catijXpnPm7hZA= -SIZE (samba-4.1.22.tar.gz) = 19557688 +SIZE (samba-4.1.23.tar.gz) = 19562680 SIZE (samba-docs-v3-5-test-4c5a1b6b.tar.bz2) = 8070761 Index: pkg/PLIST-main =================================================================== RCS file: /cvs/ports/net/samba/pkg/PLIST-main,v retrieving revision 1.30 diff -u -p -r1.30 PLIST-main --- pkg/PLIST-main 25 Aug 2015 15:38:16 -0000 1.30 +++ pkg/PLIST-main 8 Mar 2016 18:21:26 -0000 
@@ -730,9 +730,9 @@ lib/python${MODPY_VERSION}/site-packages lib/python${MODPY_VERSION}/site-packages/samba/tests/gensec.py lib/python${MODPY_VERSION}/site-packages/samba/tests/gensec.pyc lib/python${MODPY_VERSION}/site-packages/samba/tests/gensec.pyo -lib/python${MODPY_VERSION}/site-packages/samba/tests/getopt.py -lib/python${MODPY_VERSION}/site-packages/samba/tests/getopt.pyc -lib/python${MODPY_VERSION}/site-packages/samba/tests/getopt.pyo +lib/python${MODPY_VERSION}/site-packages/samba/tests/get_opt.py +lib/python${MODPY_VERSION}/site-packages/samba/tests/get_opt.pyc +lib/python${MODPY_VERSION}/site-packages/samba/tests/get_opt.pyo lib/python${MODPY_VERSION}/site-packages/samba/tests/hostconfig.py lib/python${MODPY_VERSION}/site-packages/samba/tests/hostconfig.pyc lib/python${MODPY_VERSION}/site-packages/samba/tests/hostconfig.pyo -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
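Review bot: In the Makefile hunk at @@ -19,10 +19,8 @@, nothing explains why REVISION-ldb and REVISION-tevent are bumped while REVISION-main and REVISION-util are dropped. PKGNAME-tevent is built from ${TEVENT_V} rather than ${VERSION}, so its package name does not move with this update and the REVISION bump is the only thing that marks the rebuilt package as newer (presumably the same holds for ldb, whose PKGNAME line is outside the visible context). A one-line comment above those two lines would keep the next version bump from missing them.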
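Review bot: In the distinfo hunk, the new SHA256 and SIZE values for samba-4.1.23.tar.gz cannot be checked from the diff alone, and the mail describes the update as only lightly tested. Because this is a security release, please confirm the tarball was verified against the upstream release signature before the checksum was regenerated, and mention that in the commit message.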
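Review bot: In the pkg/PLIST-main hunk, samba/tests/getopt.py and its .pyc/.pyo entries are replaced by get_opt.py, a rename the quoted release notes do not mention. Please confirm the change comes from regenerating the packing list against the 4.1.23 install rather than from a hand edit, and that no other PLIST-* file needs a matching update, since PLIST-main is the only packing list touched in this diff.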