NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ba9f42d5eb
kumquat-buildroot/package/samba4/0001-libreplace-disable-libbsd-support.patch
Bernd Kuhls e56f54220e package/samba4: security bump version to 4.11.13 
Version 4.11.11 fixed
o CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD DC
		  LDAP Server with ASQ, VLV and paged_results.
o CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
		  excessive CPU
o CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
		  paged_results and VLV.
o CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.

Version 4.11.12 was a bugfix-only release.

Version 4.11.13 fixes CVE-2020-1472.

Release notes:
https://www.samba.org/samba/history/samba-4.11.11.html
https://www.samba.org/samba/history/samba-4.11.12.html
https://www.samba.org/samba/security/CVE-2020-1472.html

Rebased patches 0001 & 0002.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-20 15:06:02 +02:00

47 lines
1.8 KiB
Diff
Raw Blame History

From 4df82c9e03b68dc1621fe4c9ac6a29ae3e64e07e Mon Sep 17 00:00:00 2001
From: Gustavo Zacarias <gustavo@zacarias.com.ar>
Date: Wed, 7 Sep 2016 23:03:43 -0300
Subject: [PATCH] libreplace: disable libbsd support
Disable libbsd support, samba4 uses a global config.h for its own
codebase and that of heimdal (when building with builtin).
This causes redefinition conflicts for link(2) when both standard
unistd.h and bsd/unistd.h get included.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
[Bernd: rebased for versions 4.7.3, 4.8.0, 4.8.5 & 4.11.13]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
lib/replace/wscript | 15 ---------------
1 file changed, 15 deletions(-)
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 240d730cbee..c6d8df43c74 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -406,21 +406,6 @@ def configure(conf):
strlcpy_in_bsd = False
- # libbsd on some platforms provides strlcpy and strlcat
- if not conf.CHECK_FUNCS('strlcpy strlcat'):
- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
- checklibc=True):
- strlcpy_in_bsd = True
- if not conf.CHECK_FUNCS('getpeereid'):
- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
- if not conf.CHECK_FUNCS('setproctitle_init'):
- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
-
- if not conf.CHECK_FUNCS('closefrom'):
- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
-
conf.CHECK_CODE('''
struct ucred cred;
socklen_t cred_len;
--
2.20.1
Reference in New Issue View Git Blame Copy Permalink