package/samba4: security bump version to 4.10.10

This is a security release in order to address the following defects:

o CVE-2019-10218: Client code can return filenames containing path
                  separators.
o CVE-2019-14833: Samba AD DC check password script does not receive
                  the full password.
o CVE-2019-14847: User with "get changes" permission can crash AD DC
                  LDAP server via dirsync.

Release notes: https://www.samba.org/samba/history/samba-4.10.10.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

diff --git a/package/samba4/samba4.hash b/package/samba4/samba4.hash
index e88fe3d147d1b0d1c5e301300a37bfd379576eff..02220772f6be021035b4b9e8bc42424ed67ef883 100644 (file)
--- a/package/samba4/samba4.hash
+++ b/package/samba4/samba4.hash
@@ -1,4 +1,4 @@
 # Locally calculated after checking pgp signature
-# https://download.samba.org/pub/samba/stable/samba-4.10.9.tar.asc
-sha256 366df54dc43ff8cb2d3f94fad2a8e8561a398d94ab64b86761778843b5e61678  samba-4.10.9.tar.gz
+# https://download.samba.org/pub/samba/stable/samba-4.10.10.tar.asc
+sha256 700c734b51610e2feaa0d6744f9bec0c0d8917bca8cc78d5b63a4591f32866a5  samba-4.10.10.tar.gz
 sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903  COPYING

diff --git a/package/samba4/samba4.mk b/package/samba4/samba4.mk
index dc0210e884637f4589b79f62f9e17360e8b2d699..c7910d87c8ca55fd08f9b4deb8abb856909b1d26 100644 (file)
--- a/package/samba4/samba4.mk
+++ b/package/samba4/samba4.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SAMBA4_VERSION = 4.10.9
+SAMBA4_VERSION = 4.10.10
 SAMBA4_SITE = https://download.samba.org/pub/samba/stable
 SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
 SAMBA4_INSTALL_STAGING = YES