From 80e0583a7046aa2178928d5481b6a22148a2d5e2 Mon Sep 17 00:00:00 2001 From: Gustavo Zacarias Date: Mon, 19 Dec 2016 16:50:38 -0300 Subject: [PATCH] samba4: security bump to version 4.4.8 Fixes: CVE-2016-2123 - Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability. CVE-2016-2125 - Unconditional privilege delegation to Kerberos servers in trusted realms. CVE-2016-2126 - Flaws in Kerberos PAC validation can trigger privilege elevation. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard --- package/samba4/samba4.hash | 2 +- package/samba4/samba4.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/samba4/samba4.hash b/package/samba4/samba4.hash index d6433f74f0..1e36d73fb4 100644 --- a/package/samba4/samba4.hash +++ b/package/samba4/samba4.hash @@ -1,2 +1,2 @@ # Locally calculated -sha256 a69d6612e4a421640242ca66c4dbb0e4c20281e77dc24970a332770814d45c7c samba-4.4.7.tar.gz +sha256 0e54de8a22b77f9712578029639331b51f818b70e194766c98475a5b99470fbf samba-4.4.8.tar.gz diff --git a/package/samba4/samba4.mk b/package/samba4/samba4.mk index 71cb4261e3..778902fd5f 100644 --- a/package/samba4/samba4.mk +++ b/package/samba4/samba4.mk @@ -4,7 +4,7 @@ # ################################################################################ -SAMBA4_VERSION = 4.4.7 +SAMBA4_VERSION = 4.4.8 SAMBA4_SITE = http://ftp.samba.org/pub/samba/stable SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz SAMBA4_INSTALL_STAGING = YES -- 2.30.2