From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Fri, 7 May 2021 19:39:29 +0000 (+0200)
Subject: package/cifs-utils: security bump to version 6.13
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=0b332bb15cd83e0d9d19abb66c8a349024472706;p=buildroot.git

package/cifs-utils: security bump to version 6.13

Fix CVE-2021-20208: A flaw was found in cifs-utils in versions before
6.13. A user when mounting a krb5 CIFS file system from within a
container can use Kerberos credentials of the host. The highest threat
from this vulnerability is to data confidentiality and integrity.

https://lists.samba.org/archive/samba-technical/2021-April/136467.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---

diff --git a/package/cifs-utils/cifs-utils.hash b/package/cifs-utils/cifs-utils.hash
index cd7a9bba62..566a5c4bf4 100644
--- a/package/cifs-utils/cifs-utils.hash
+++ b/package/cifs-utils/cifs-utils.hash
@@ -1,5 +1,5 @@
 # Locally calculated after checking pgp signature
-sha256  922ddcc3059922e80789312c386b9c569991b4350d3ae3099de3e4b82f3885ef  cifs-utils-6.12.tar.bz2
+sha256  43d8786c8613caccfa84913081c1d62bc2409575854cf895b05b48af0863d056  cifs-utils-6.13.tar.bz2
 
 # Hash for license file:
 sha256  8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903  COPYING
diff --git a/package/cifs-utils/cifs-utils.mk b/package/cifs-utils/cifs-utils.mk
index 473e8a2c28..b29557cbe8 100644
--- a/package/cifs-utils/cifs-utils.mk
+++ b/package/cifs-utils/cifs-utils.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CIFS_UTILS_VERSION = 6.12
+CIFS_UTILS_VERSION = 6.13
 CIFS_UTILS_SOURCE = cifs-utils-$(CIFS_UTILS_VERSION).tar.bz2
 CIFS_UTILS_SITE = http://ftp.samba.org/pub/linux-cifs/cifs-utils
 CIFS_UTILS_LICENSE = GPL-3.0+