Security update for net/samba410

o CVE-2019-10218: Malicious servers can cause Samba client code to return filenames containing path separators to calling code. o CVE-2019-14833: When the password contains multi-byte (non-ASCII) characters, the check password script does not receive the full password string. o CVE-2019-14847: Users with the "get changes" extended access right can crash the AD DC LDAP server by requesting an attribute using the range= syntax. Security: CVE-2019-10218 CVE-2019-14833 CVE-2019-14847 Sponsored by: my wife
svn path=/head/; revision=516123
2019-10-31 02:03:13 +00:00 · 2019-10-31 02:03:13 +00:00 · 874791b9db · 2021-03-31 03:12:20 +00:00
commit 874791b9db
parent 76aa49480c
3 changed files with 10 additions and 9 deletions
--- a/net/samba410/Makefile
+++ b/net/samba410/Makefile
@ -3,7 +3,7 @@

 PORTNAME=			${SAMBA4_BASENAME}410
 PORTVERSION=			${SAMBA4_VERSION}
-PORTREVISION=			1
+PORTREVISION=			0
 CATEGORIES?=			net
 MASTER_SITES=			SAMBA/samba/stable SAMBA/samba/rc
 DISTNAME=			${SAMBA4_DISTNAME}
@ -24,7 +24,7 @@ EXTRA_PATCHES+=			${PATCHDIR}/0001-provision-use-ASCII-quotes.patch:-p1

 SAMBA4_BASENAME=		samba
 SAMBA4_PORTNAME=		${SAMBA4_BASENAME}4
-SAMBA4_VERSION=			4.10.8
+SAMBA4_VERSION=			4.10.10
 SAMBA4_DISTNAME=		${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}

 WRKSRC?=			${WRKDIR}/${DISTNAME}
@ -68,7 +68,7 @@ CONFIGURE_ARGS+=		--mandir="${MANPREFIX}/man" \
 CONFIGURE_ENV+=			PTHREAD_LDFLAGS="-lpthread"

 USES+=				compiler:c++11-lang iconv localbase:ldflags \
-				perl5 pkgconfig shebangfix ssl waf
+				perl5 pkgconfig shebangfix ssl waf gettext-runtime
 USE_PERL5=			build
 USE_LDCONFIG=			${SAMBA4_LIBDIR}
 LLD_UNSAFE=			yes
@ -150,6 +150,7 @@ LIB_DEPENDS+=			libpopt.so:devel/popt
 LIB_DEPENDS+=			libinotify.so:devel/libinotify
 # GNUTLS
 LIB_DEPENDS+=			libgnutls.so:security/gnutls
+LIB_DEPENDS+=			libgcrypt.so:security/libgcrypt
 # NFSv4 ACL glue
 LIB_DEPENDS+=			libsunacl.so:sysutils/libsunacl
 # Jansson
@ -272,7 +273,8 @@ CONFIGURE_ARGS+=		\
 				--with-acl-support \
 				--with-sendfile-support \
 				--disable-ctdb-tests \
-				${ICONV_CONFIGURE_BASE}
+
+#				${ICONV_CONFIGURE_BASE}
 ##############################################################################
 FRUIT_PREVENTS=			ZEROCONF_NONE
 FRUIT_PREVENTS_MSG=		MacOSX support requires Zeroconf(AVAHI or MDNSRESPONDER)
--- a/net/samba410/distinfo
+++ b/net/samba410/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1567545609
-SHA256 (samba-4.10.8.tar.gz) = c41f05fb567f7359998b451543501c7690a2bf6551d658a76bd6916316a410f4
-SIZE (samba-4.10.8.tar.gz) = 18316560
+TIMESTAMP = 1572360437
+SHA256 (samba-4.10.10.tar.gz) = 700c734b51610e2feaa0d6744f9bec0c0d8917bca8cc78d5b63a4591f32866a5
+SIZE (samba-4.10.10.tar.gz) = 18335638
--- a/net/samba410/pkg-plist
+++ b/net/samba410/pkg-plist
@ -387,7 +387,6 @@ lib/samba4/private/libxattr-tdb-samba4.so
 %%SAMBA4_MODULEDIR%%/vfs/extd_audit.so
 %%SAMBA4_MODULEDIR%%/vfs/fake_perms.so
 %%SAMBA4_MODULEDIR%%/vfs/full_audit.so
-%%SAMBA4_MODULEDIR%%/vfs/glusterfs_fuse.so
 %%SAMBA4_MODULEDIR%%/vfs/linux_xfs_sgid.so
 %%SAMBA4_MODULEDIR%%/vfs/media_harmony.so
 %%SAMBA4_MODULEDIR%%/vfs/netatalk.so
@ -669,7 +668,6 @@ man/man8/vfs_extd_audit.8.gz
 man/man8/vfs_fake_perms.8.gz
 man/man8/vfs_freebsd.8.gz
 man/man8/vfs_full_audit.8.gz
-man/man8/vfs_glusterfs_fuse.8.gz
 man/man8/vfs_linux_xfs_sgid.8.gz
 man/man8/vfs_media_harmony.8.gz
 man/man8/vfs_netatalk.8.gz
@ -949,6 +947,7 @@ man/man8/winbindd.8.gz
 %%PYTHON_SITELIBDIR%%/samba/tests/blackbox/traffic_learner.py
 %%PYTHON_SITELIBDIR%%/samba/tests/blackbox/traffic_replay.py
 %%PYTHON_SITELIBDIR%%/samba/tests/blackbox/traffic_summary.py
+%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/undoguididx.py
 %%PYTHON_SITELIBDIR%%/samba/tests/common.py
 %%PYTHON_SITELIBDIR%%/samba/tests/complex_expressions.py
 %%PYTHON_SITELIBDIR%%/samba/tests/core.py