From 0b332bb15cd83e0d9d19abb66c8a349024472706 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Fri, 7 May 2021 21:39:29 +0200 Subject: [PATCH] package/cifs-utils: security bump to version 6.13 Fix CVE-2021-20208: A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity. https://lists.samba.org/archive/samba-technical/2021-April/136467.html Signed-off-by: Fabrice Fontaine Signed-off-by: Yann E. MORIN --- package/cifs-utils/cifs-utils.hash | 2 +- package/cifs-utils/cifs-utils.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/cifs-utils/cifs-utils.hash b/package/cifs-utils/cifs-utils.hash index cd7a9bba62..566a5c4bf4 100644 --- a/package/cifs-utils/cifs-utils.hash +++ b/package/cifs-utils/cifs-utils.hash @@ -1,5 +1,5 @@ # Locally calculated after checking pgp signature -sha256 922ddcc3059922e80789312c386b9c569991b4350d3ae3099de3e4b82f3885ef cifs-utils-6.12.tar.bz2 +sha256 43d8786c8613caccfa84913081c1d62bc2409575854cf895b05b48af0863d056 cifs-utils-6.13.tar.bz2 # Hash for license file: sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING diff --git a/package/cifs-utils/cifs-utils.mk b/package/cifs-utils/cifs-utils.mk index 473e8a2c28..b29557cbe8 100644 --- a/package/cifs-utils/cifs-utils.mk +++ b/package/cifs-utils/cifs-utils.mk @@ -4,7 +4,7 @@ # ################################################################################ -CIFS_UTILS_VERSION = 6.12 +CIFS_UTILS_VERSION = 6.13 CIFS_UTILS_SOURCE = cifs-utils-$(CIFS_UTILS_VERSION).tar.bz2 CIFS_UTILS_SITE = http://ftp.samba.org/pub/linux-cifs/cifs-utils CIFS_UTILS_LICENSE = GPL-3.0+ -- 2.30.2