Lightly tested. Note that unix extensions = yes is the default.
==============================
Release Notes for Samba 4.1.23
March 8, 2015
==============================
This is a security release in order to address the following CVEs:
o CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
o CVE-2016-0771 (Out-of-bounds read in internal DNS server)
=======
Details
=======
o CVE-2015-7560:
All versions of Samba from 3.2.0 to 4.4.0rc3 inclusive are vulnerable to
a malicious client overwriting the ownership of ACLs using symlinks.
An authenticated malicious client can use SMB1 UNIX extensions to
create a symlink to a file or directory, and then use non-UNIX SMB1
calls to overwrite the contents of the ACL on the file or directory
linked to.
o CVE-2016-0771:
All versions of Samba from 4.0.0 to 4.4.0rc3 inclusive, when deployed as
an AD DC and configured to run the internal DNS server, are vulnerable to an
out-of-bounds read issue during DNS TXT record handling caused by users
with permission to modify DNS records.
A malicious client can upload a specially constructed DNS TXT record,
resulting in a remote denial-of-service attack. As long as the affected
TXT record remains undisturbed in the Samba database, a targeted DNS
query may continue to trigger this exploit.
While unlikely, the out-of-bounds read may bypass safety checks and
allow leakage of memory from the server in the form of a DNS TXT reply.
By default only authenticated accounts can upload DNS records,
as "allow dns updates = secure only" is the default.
Any other value would allow anonymous clients to trigger this
bug, which is a much higher risk.
ok?
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/samba/Makefile,v
retrieving revision 1.215
diff -u -p -r1.215 Makefile
--- Makefile 18 Jan 2016 12:10:51 -0000 1.215
+++ Makefile 8 Mar 2016 18:24:44 -0000
@@ -1,7 +1,7 @@
# $OpenBSD: Makefile,v 1.215 2016/01/18 12:10:51 sthen Exp $
SHARED_ONLY = Yes
-VERSION = 4.1.22
+VERSION = 4.1.23
DISTNAME = samba-${VERSION}
DOCSVERSION = v3-5-test-4c5a1b6b
DISTFILES = ${DISTNAME}${EXTRACT_SUFX} \
@@ -19,10 +19,8 @@ PKGNAME-tevent = tevent-${TEVENT_V}
PKGNAME-util = samba-util-${VERSION}
PKGNAME-docs = samba-docs-${VERSION}
-REVISION-main = 0
-REVISION-ldb = 6
-REVISION-tevent = 5
-REVISION-util = 0
+REVISION-ldb = 7
+REVISION-tevent = 6
PKG_ARCH-docs = *
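Review bot: REVISION-ldb and REVISION-tevent are bumped while REVISION-main and REVISION-util are dropped, which is only right if the ldb and tevent package versions stay the same across this update. PKGNAME-tevent is built from ${TEVENT_V}, not ${VERSION}, so please confirm TEVENT_V and the matching ldb version variable are unchanged; if either moved, its REVISION line should be removed rather than incremented.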
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/samba/distinfo,v
retrieving revision 1.45
diff -u -p -r1.45 distinfo
--- distinfo 23 Dec 2015 12:37:21 -0000 1.45
+++ distinfo 8 Mar 2016 16:40:20 -0000
@@ -1,4 +1,4 @@
-SHA256 (samba-4.1.22.tar.gz) = VWOhyUotrIN8z/0fCCG7JeCXr/qnOJ/vGG+c+zSGz+U=
+SHA256 (samba-4.1.23.tar.gz) = LDMpG/VFS6Bei1/cLFfuAQz0TQd+V6MHrS576frCfNI=
SHA256 (samba-docs-v3-5-test-4c5a1b6b.tar.bz2) =
bsF0WP1KT1M3jMx3Z88MbsEQ1QEq9catijXpnPm7hZA=
-SIZE (samba-4.1.22.tar.gz) = 19557688
+SIZE (samba-4.1.23.tar.gz) = 19562680
SIZE (samba-docs-v3-5-test-4c5a1b6b.tar.bz2) = 8070761
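Review bot: the unchanged SHA256 context line for samba-docs-v3-5-test-4c5a1b6b.tar.bz2 is split over two lines in this hunk, which no longer matches the 4-line count in the @@ header, so the diff will not apply as mailed. Please resend it unwrapped or as an attachment. Since this is a security update, the new SHA256 and SIZE values for samba-4.1.23.tar.gz should also be compared against an independently fetched copy of the distfile before commit.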
Index: pkg/PLIST-main
===================================================================
RCS file: /cvs/ports/net/samba/pkg/PLIST-main,v
retrieving revision 1.30
diff -u -p -r1.30 PLIST-main
--- pkg/PLIST-main 25 Aug 2015 15:38:16 -0000 1.30
+++ pkg/PLIST-main 8 Mar 2016 18:21:26 -0000
@@ -730,9 +730,9 @@ lib/python${MODPY_VERSION}/site-packages
lib/python${MODPY_VERSION}/site-packages/samba/tests/gensec.py
lib/python${MODPY_VERSION}/site-packages/samba/tests/gensec.pyc
lib/python${MODPY_VERSION}/site-packages/samba/tests/gensec.pyo
-lib/python${MODPY_VERSION}/site-packages/samba/tests/getopt.py
-lib/python${MODPY_VERSION}/site-packages/samba/tests/getopt.pyc
-lib/python${MODPY_VERSION}/site-packages/samba/tests/getopt.pyo
+lib/python${MODPY_VERSION}/site-packages/samba/tests/get_opt.py
+lib/python${MODPY_VERSION}/site-packages/samba/tests/get_opt.pyc
+lib/python${MODPY_VERSION}/site-packages/samba/tests/get_opt.pyo
lib/python${MODPY_VERSION}/site-packages/samba/tests/hostconfig.py
lib/python${MODPY_VERSION}/site-packages/samba/tests/hostconfig.pyc
lib/python${MODPY_VERSION}/site-packages/samba/tests/hostconfig.pyo
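Review bot: the rename of samba/tests/getopt.py to get_opt.py (with its .pyc and .pyo) is a packing-list change that the release notes quoted above do not mention. Please confirm it reflects what the 4.1.23 distfile actually installs and that no other PLIST file in the port needs a matching change.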
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
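The release notes above tie each CVE to specific smb.conf settings ("unix extensions", "allow dns updates", running as an AD DC). The following is an added example, not part of the original mail or of Samba: a small audit of the [global] section for those settings. The sample configuration is constructed, the parser is a simplification of Samba's own (no includes or line continuations), and the installed Samba version is not checked.

```python
import re

# Constructed sample smb.conf for illustration (not from the original mail).
SAMPLE_CONF = """\
[global]
    server role = active directory domain controller
    Allow DNS Updates = nonsecure
    ; "unix extensions" is not set, so the default applies
[share]
    path = /srv/share
"""

# Defaults as stated in the mail and release notes above.
DEFAULTS = {"unixextensions": "yes", "allowdnsupdates": "secure only"}
TRUE_VALUES = {"yes", "true", "on", "1"}
AD_DC_ROLES = {"active directory domain controller", "domain controller", "dc"}

def parse_global(text):
    """Return [global] parameters. Names are compared the way Samba does:
    case-insensitively and ignoring embedded whitespace."""
    params, section = dict(DEFAULTS), None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1).strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[re.sub(r"\s+", "", key).lower()] = " ".join(value.split()).lower()
    return params

def audit(text):
    """Map each CVE from the release notes to a finding for this config."""
    p, findings = parse_global(text), {}
    if p["unixextensions"] in TRUE_VALUES:
        findings["CVE-2015-7560"] = "SMB1 UNIX extensions enabled"
    # Assumption: an AD DC is recognised from 'server role' alone; whether
    # the internal DNS server is actually running is not checked here.
    if p.get("serverrole") in AD_DC_ROLES:
        # Per the release notes, only "secure only" limits uploads to
        # authenticated accounts; any other value is the higher-risk case.
        if p["allowdnsupdates"] == "secure only":
            findings["CVE-2016-0771"] = "reachable by authenticated accounts"
        else:
            findings["CVE-2016-0771"] = "reachable by anonymous clients"
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

On a real host, feeding the function the output of `testparm -s` instead of the raw file avoids the parser simplifications noted above.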