From: Adolf Belka <adolf.belka@ipfire.org>
Date: Tue, 25 Jul 2023 14:37:17 +0000 (+0200)
Subject: samba: Update to version 4.18.5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=05fb9ba088b37ac5d87bc6b2aed2b66e5be90d2c;p=people%2Fpmueller%2Fipfire-2.x.git

samba: Update to version 4.18.5

- Update from version 4.18.4 to 4.18.5
- Update of rootfile not required
- Changelog
    4.18.5
      This is a security release in order to address the following defects:
	o CVE-2022-2127:  When winbind is used for NTLM authentication, a maliciously
	                  crafted request can trigger an out-of-bounds read in winbind
	                  and possibly crash it.
	                  https://www.samba.org/samba/security/CVE-2022-2127.html
	o CVE-2023-3347:  SMB2 packet signing is not enforced if an admin configured
	                  "server signing = required" or for SMB2 connections to Domain
	                  Controllers where SMB2 packet signing is mandatory.
	                  https://www.samba.org/samba/security/CVE-2023-3347.html
	o CVE-2023-34966: An infinite loop bug in Samba's mdssvc RPC service for
	                  Spotlight can be triggered by an unauthenticated attacker by
	                  issuing a malformed RPC request.
	                  https://www.samba.org/samba/security/CVE-2023-34966.html
	o CVE-2023-34967: Missing type validation in Samba's mdssvc RPC service for
	                  Spotlight can be used by an unauthenticated attacker to
	                  trigger a process crash in a shared RPC mdssvc worker process.
	                  https://www.samba.org/samba/security/CVE-2023-34967.html
	o CVE-2023-34968: As part of the Spotlight protocol Samba discloses the server-
	                  side absolute path of shares and files and directories in
	                  search results.
	                  https://www.samba.org/samba/security/CVE-2023-34968.html
	o  Ralph Boehme <slow@samba.org>
	   * BUG 15072: CVE-2022-2127.
	   * BUG 15340: CVE-2023-34966.
	   * BUG 15341: CVE-2023-34967.
	   * BUG 15388: CVE-2023-34968.
	   * BUG 15397: CVE-2023-3347.
	o  Volker Lendecke <vl@samba.org>
	   * BUG 15072: CVE-2022-2127.
	o  Stefan Metzmacher <metze@samba.org>
	   * BUG 15418: Secure channel faulty since Windows 10/11 update 07/2023.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/lfs/samba b/lfs/samba
index 9e104f64af..99f211a3c6 100644
--- a/lfs/samba
+++ b/lfs/samba
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 4.18.4
+VER        = 4.18.5
 SUMMARY    = A SMB/CIFS File, Print, and Authentication Server
 
 THISAPP    = samba-$(VER)
@@ -33,7 +33,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = samba
-PAK_VER    = 94
+PAK_VER    = 95
 
 DEPS       = avahi cups perl-Parse-Yapp perl-JSON
 
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 1f1aab7eb933111b9b1c72af8c3dd379fe34014085129e9d5cc400b4e434742e1c08ad4fdf2a98291d6063ce9b2ddc811e9ab5dbb133a85e97f2158f83dd7c96
+$(DL_FILE)_BLAKE2 = 24c625372c6e4f7f4393777991221f7a7ad25513717436491ea3238c8d588e738eb1a64791606f691b3608362b3f3741f390f08975b2b0578c497984a4d44392
 
 install : $(TARGET)