projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e386418) | patch
package/samba4: security bump to version 4.9.6
authorPeter Korsgaard <peter@korsgaard.com>
Mon, 8 Apr 2019 10:49:52 +0000 (12:49 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Wed, 10 Apr 2019 13:58:19 +0000 (15:58 +0200)
commit8a662ae308586e60ae65114750a014b52b5969e0
tree5921a9cc9ead850df09d0facb4e5a69d7f6dfd63tree
parente38641851a1bc334e6fb0a019ccf3af91098182fcommit | diff
package/samba4: security bump to version 4.9.6

Fixes the following security vulnerabilities:

 - CVE-2019-3870:
   During the provision of a new Active Directory DC, some files in the private/
   directory are created world-writable.
   https://www.samba.org/samba/security/CVE-2019-3870.html

 - CVE-2019-3880:
   Authenticated users with write permission can trigger a symlink traversal to
   write or detect files outside the Samba share.
   https://www.samba.org/samba/security/CVE-2019-3880.html

For more details, see the release notes:
https://www.samba.org/samba/history/samba-4.9.6.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/samba4/samba4.hash diff | blob | history
package/samba4/samba4.mk diff | blob | history