kumquat-buildroot/package/cifs-utils/cifs-utils.mk
Fabrice Fontaine 0b332bb15c package/cifs-utils: security bump to version 6.13
Fix CVE-2021-20208: A flaw was found in cifs-utils in versions before
6.13. A user when mounting a krb5 CIFS file system from within a
container can use Kerberos credentials of the host. The highest threat
from this vulnerability is to data confidentiality and integrity.

https://lists.samba.org/archive/samba-technical/2021-April/136467.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-07 21:56:51 +02:00

43 lines
1.2 KiB
Makefile

################################################################################
#
# cifs-utils
#
################################################################################
CIFS_UTILS_VERSION = 6.13
CIFS_UTILS_SOURCE = cifs-utils-$(CIFS_UTILS_VERSION).tar.bz2
CIFS_UTILS_SITE = http://ftp.samba.org/pub/linux-cifs/cifs-utils
CIFS_UTILS_LICENSE = GPL-3.0+
CIFS_UTILS_LICENSE_FILES = COPYING
CIFS_UTILS_CPE_ID_VENDOR = samba
# Missing install-sh in release tarball
CIFS_UTILS_AUTORECONF = YES
CIFS_UTILS_DEPENDENCIES = host-pkgconf
# Let's disable PIE unconditionally. We want PIE to be enabled only by
# the global BR2_RELRO_FULL option.
CIFS_UTILS_CONF_OPTS = --disable-pie --disable-man
# uses C11 code in smbinfo.c and mtab.c
CIFS_UTILS_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -std=gnu11"
ifeq ($(BR2_PACKAGE_KEYUTILS),y)
CIFS_UTILS_DEPENDENCIES += keyutils
endif
define CIFS_UTILS_NO_WERROR
$(SED) 's/-Werror//' $(@D)/Makefile.in
endef
CIFS_UTILS_POST_PATCH_HOOKS += CIFS_UTILS_NO_WERROR
ifeq ($(BR2_PACKAGE_CIFS_UTILS_SMBTOOLS),)
define CIFS_UTILS_REMOVE_SMBTOOLS
rm -f $(TARGET_DIR)/usr/bin/smbinfo
rm -f $(TARGET_DIR)/usr/bin/smb2-quota
endef
CIFS_UTILS_POST_INSTALL_TARGET_HOOKS += CIFS_UTILS_REMOVE_SMBTOOLS
endif
$(eval $(autotools-package))