package/samba4: security bump to version 4.9.8

Fixes the following security issues:

CVE-2018-16860: The checksum validation in the S4U2Self handler in the
embedded Heimdal KDC did not first confirm that the checksum was keyed,
allowing replacement of the requested target (client) principal.

For more details, see the advisory:
https://www.samba.org/samba/security/CVE-2018-16860.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

diff --git a/package/samba4/samba4.hash b/package/samba4/samba4.hash
index 9576690e4f47fde951e4c0f1d84269e6c578a404..7e82261b4eb8ef3ff72df1b7ab89a9901777a07a 100644 (file)
--- a/package/samba4/samba4.hash
+++ b/package/samba4/samba4.hash
@@ -1,4 +1,4 @@
 # Locally calculated after checking pgp signature
-# https://download.samba.org/pub/samba/stable/samba-4.9.7.tar.asc
-sha256 44e5bc58dcae6d86ca8d5f269fa927f20ff91bce97cde86fe4e83addcb89c001  samba-4.9.7.tar.gz
+# https://download.samba.org/pub/samba/stable/samba-4.9.8.tar.asc
+sha256 82ebb7c3f1847c39341dd97ff8b73f40fa83f5f794daeceb80f3c349ace3cf56  samba-4.9.8.tar.gz
 sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903  COPYING

diff --git a/package/samba4/samba4.mk b/package/samba4/samba4.mk
index 941d4df1d6b9dfeabdd47aa090a98ae338638806..d2f89e2c82b7fc1cf315c8b085080b018651fcfd 100644 (file)
--- a/package/samba4/samba4.mk
+++ b/package/samba4/samba4.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SAMBA4_VERSION = 4.9.7
+SAMBA4_VERSION = 4.9.8
 SAMBA4_SITE = https://download.samba.org/pub/samba/stable
 SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
 SAMBA4_INSTALL_STAGING = YES