projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4ceefab) | patch
package/samba4: security bump version to 4.11.13
authorBernd Kuhls <bernd.kuhls@t-online.de>
Sun, 20 Sep 2020 07:43:28 +0000 (09:43 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sun, 20 Sep 2020 13:06:02 +0000 (15:06 +0200)
commite56f54220ee14ccdbfdb60bf56e2a88b35877394
tree4ea2a79cc2e768f4e90341368a881fd4f54b28bftree
parent4ceefab178f0c9664302bb3bfd55fc64f07de08bcommit | diff
package/samba4: security bump version to 4.11.13

Version 4.11.11 fixed
o CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD DC
  LDAP Server with ASQ, VLV and paged_results.
o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
  excessive CPU
o CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
  paged_results and VLV.
o CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.

Version 4.11.12 was a bugfix-only release.

Version 4.11.13 fixes CVE-2020-1472.

Release notes:
https://www.samba.org/samba/history/samba-4.11.11.html
https://www.samba.org/samba/history/samba-4.11.12.html
https://www.samba.org/samba/security/CVE-2020-1472.html

Rebased patches 0001 & 0002.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/samba4/0001-libreplace-disable-libbsd-support.patch diff | blob | history
package/samba4/0002-build-find-pre-built-heimdal-build-tools-in-case-of-.patch diff | blob | history
package/samba4/samba4.hash diff | blob | history
package/samba4/samba4.mk diff | blob | history