Date: Tue, 9 Apr 2019 10:07:22 +0000 (UTC) From: "Timur I. Bakeyev" <timur@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r498474 - in head/net/samba48: . files Message-ID: <201904091007.x39A7Mwn051439@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: timur Date: Tue Apr 9 10:07:22 2019 New Revision: 498474 URL: https://svnweb.freebsd.org/changeset/ports/498474 Log: Upgrade Samba 4.8 to the 4.8.11, addressing CVE-2019-3880. Security: CVE-2019-3880 Added: head/net/samba48/files/patch-source3_rpc__server_mdssvc_mdssvc.c (contents, props changed) Modified: head/net/samba48/Makefile head/net/samba48/distinfo head/net/samba48/files/patch-bind13 head/net/samba48/pkg-plist Modified: head/net/samba48/Makefile ============================================================================== --- head/net/samba48/Makefile Tue Apr 9 10:05:44 2019 (r498473) +++ head/net/samba48/Makefile Tue Apr 9 10:07:22 2019 (r498474) @@ -3,7 +3,7 @@ PORTNAME= ${SAMBA4_BASENAME}48 PORTVERSION= ${SAMBA4_VERSION} -PORTREVISION= 1 +PORTREVISION= 0 CATEGORIES?= net MASTER_SITES= SAMBA/samba/stable SAMBA/samba/rc DISTNAME= ${SAMBA4_DISTNAME} @@ -24,7 +24,7 @@ EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-228462.patch:-p SAMBA4_BASENAME= samba SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4 -SAMBA4_VERSION= 4.8.9 +SAMBA4_VERSION= 4.8.11 SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|} WRKSRC?= ${WRKDIR}/${DISTNAME} @@ -68,8 +68,9 @@ CONFIGURE_ARGS+= --mandir="${MANPREFIX}/man" \ # XXX: Flags CONFIGURE_ENV+= PTHREAD_LDFLAGS="-lpthread" -USES= compiler:c++11-lang cpe iconv \ - localbase:ldflags perl5 pkgconfig shebangfix waf +USES= compiler:c++11-lang cpe iconv gettext-runtime \ + localbase:ldflags perl5 pkgconfig shebangfix \ + ssl waf USE_PERL5= build USE_LDCONFIG= ${SAMBA4_LIBDIR} WAF_CMD= buildtools/bin/waf @@ -101,7 +102,7 @@ OPTIONS_SINGLE= GSSAPI OPTIONS_SINGLE_GSSAPI= GSSAPI_BUILTIN GSSAPI_MIT OPTIONS_RADIO= DNS ZEROCONF -OPTIONS_RADIO_DNS= NSUPDATE BIND911 BIND912 BIND913 +OPTIONS_RADIO_DNS= NSUPDATE BIND911 BIND912 BIND913 BIND914 OPTIONS_RADIO_ZEROCONF= MDNSRESPONDER AVAHI ############################################################################## AD_DC_DESC= Active Directory Domain Controller @@ -128,6 +129,7 @@ GSSAPI_BUILTIN_DESC= GSSAPI support via bundled Heimd BIND911_DESC= Use Bind 9.11 as AD DC DNS server frontend BIND912_DESC= Use Bind 9.12 as AD DC DNS server frontend BIND913_DESC= Use Bind 9.13 as AD DC DNS server frontend +BIND914_DESC= Use Bind 9.14 as AD DC DNS server frontend NSUPDATE_DESC= Use samba NSUPDATE utility for AD DC ############################################################################## # XXX: Unconditional dependencies which can't be switched off(if present in @@ -272,6 +274,7 @@ CONFIGURE_ARGS+= \ BIND911_RUN_DEPENDS= bind911>=9.11.0.0:dns/bind911 BIND912_RUN_DEPENDS= bind912>=9.12.0.0:dns/bind912 BIND913_RUN_DEPENDS= bind913>=9.13.0.0:dns/bind913 +BIND914_RUN_DEPENDS= bind914>=9.14.0.0:dns/bind914 NSUPDATE_RUN_DEPENDS= samba-nsupdate:dns/samba-nsupdate AVAHI_CONFIGURE_ENABLE= avahi Modified: head/net/samba48/distinfo ============================================================================== --- head/net/samba48/distinfo Tue Apr 9 10:05:44 2019 (r498473) +++ head/net/samba48/distinfo Tue Apr 9 10:07:22 2019 (r498474) @@ -1,3 +1,3 @@ -TIMESTAMP = 1549652430 -SHA256 (samba-4.8.9.tar.gz) = ad2acf6bed436c125314a054f0589308eb664ac3d96cfb02d05e654a44e09c80 -SIZE (samba-4.8.9.tar.gz) = 17750151 +TIMESTAMP = 1554714921 +SHA256 (samba-4.8.11.tar.gz) = d294a8d7455d7d252d7bafc9c474855ea6e0ebe559c3babcd303a5c24e58710a +SIZE (samba-4.8.11.tar.gz) = 17761896 Modified: head/net/samba48/files/patch-bind13 ============================================================================== --- head/net/samba48/files/patch-bind13 Tue Apr 9 10:05:44 2019 (r498473) +++ head/net/samba48/files/patch-bind13 Tue Apr 9 10:07:22 2019 (r498474) @@ -1,6 +1,6 @@ --- source4/dns_server/wscript_build.orig 2018-01-14 20:41:58 UTC +++ source4/dns_server/wscript_build -@@ -58,6 +58,26 @@ +@@ -58,6 +58,36 @@ deps='samba-hostconfig samdb-common gensec popt dnsserver_common', enabled=bld.AD_DC_BUILD_IS_ENABLED()) @@ -24,6 +24,16 @@ + deps='samba-hostconfig samdb-common gensec popt dnsserver_common', + enabled=bld.AD_DC_BUILD_IS_ENABLED()) + ++bld.SAMBA_LIBRARY('dlz_bind9_14', ++ source='dlz_bind9.c', ++ cflags='-DBIND_VERSION_9_14', ++ private_library=True, ++ link_name='modules/bind9/dlz_bind9_14.so', ++ realname='dlz_bind9_14.so', ++ install_path='${MODULESDIR}/bind9', ++ deps='samba-hostconfig samdb-common gensec popt dnsserver_common', ++ enabled=bld.AD_DC_BUILD_IS_ENABLED()) ++ bld.SAMBA_LIBRARY('dlz_bind9_for_torture', source='dlz_bind9.c', cflags='-DBIND_VERSION_9_8', @@ -34,13 +44,13 @@ # define DLZ_DLOPEN_VERSION 3 # define DNS_CLIENTINFO_VERSION 1 -#elif defined (BIND_VERSION_9_11) -+#elif defined (BIND_VERSION_9_11) || defined (BIND_VERSION_9_12) || defined (BIND_VERSION_9_13) ++#elif defined (BIND_VERSION_9_11) || defined (BIND_VERSION_9_12) || defined (BIND_VERSION_9_13) || defined (BIND_VERSION_9_14) # define DLZ_DLOPEN_VERSION 3 # define DNS_CLIENTINFO_VERSION 2 #else --- source4/setup/named.conf.dlz.orig 2018-01-14 22:41:59 UTC +++ source4/setup/named.conf.dlz -@@ -21,5 +21,11 @@ dlz "AD DNS Zone" { +@@ -21,5 +21,14 @@ dlz "AD DNS Zone" { # For BIND 9.11.x ${BIND9_11} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_11.so"; @@ -50,20 +60,24 @@ + + # For BIND 9.13.x + ${BIND9_13} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_13.so"; ++ ++ # For BIND 9.14.x ++ ${BIND9_14} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_14.so"; }; --- python/samba/provision/sambadns.py.orig 2018-01-17 09:08:39 UTC +++ python/samba/provision/sambadns.py -@@ -937,6 +937,8 @@ def create_named_conf(paths, realm, dnsd +@@ -937,6 +937,9 @@ def create_named_conf(paths, realm, dnsd bind9_9 = '#' bind9_10 = '#' bind9_11 = '#' + bind9_12 = '#' + bind9_13 = '#' ++ bind9_14 = '#' if bind_info.upper().find('BIND 9.8') != -1: bind9_8 = '' elif bind_info.upper().find('BIND 9.9') != -1: -@@ -945,6 +947,10 @@ def create_named_conf(paths, realm, dnsd +@@ -945,6 +947,12 @@ def create_named_conf(paths, realm, dnsd bind9_10 = '' elif bind_info.upper().find('BIND 9.11') != -1: bind9_11 = '' @@ -71,17 +85,20 @@ + bind9_12 = '' + elif bind_info.upper().find('BIND 9.13') != -1: + bind9_13 = '' ++ elif bind_info.upper().find('BIND 9.14') != -1: ++ bind9_14 = '' elif bind_info.upper().find('BIND 9.7') != -1: raise ProvisioningError("DLZ option incompatible with BIND 9.7.") else: -@@ -955,7 +961,9 @@ def create_named_conf(paths, realm, dnsd +@@ -955,7 +961,10 @@ def create_named_conf(paths, realm, dnsd "BIND9_8" : bind9_8, "BIND9_9" : bind9_9, "BIND9_10" : bind9_10, - "BIND9_11" : bind9_11 + "BIND9_11" : bind9_11, + "BIND9_12" : bind9_12, -+ "BIND9_13" : bind9_13 ++ "BIND9_13" : bind9_13, ++ "BIND9_14" : bind9_14 }) Added: head/net/samba48/files/patch-source3_rpc__server_mdssvc_mdssvc.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/samba48/files/patch-source3_rpc__server_mdssvc_mdssvc.c Tue Apr 9 10:07:22 2019 (r498474) @@ -0,0 +1,15 @@ +../source3/rpc_server/mdssvc/mdssvc.c:157:9: error: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Werror,-Wformat] + dalloc_size(dd)); + ^~~~~~~~~~~~~~~ + +--- source3/rpc_server/mdssvc/mdssvc.c.orig 2019-04-09 01:04:10 UTC ++++ source3/rpc_server/mdssvc/mdssvc.c +@@ -151,7 +151,7 @@ char *mds_dalloc_dump(DALLOC_CTX *dd, in + } + + logstring = talloc_asprintf(dd, +- "%s%s(#%lu): {\n", ++ "%s%s(#%zu): {\n", + tab_string1, + talloc_get_name(dd), + dalloc_size(dd)); Modified: head/net/samba48/pkg-plist ============================================================================== --- head/net/samba48/pkg-plist Tue Apr 9 10:05:44 2019 (r498473) +++ head/net/samba48/pkg-plist Tue Apr 9 10:07:22 2019 (r498474) @@ -298,6 +298,7 @@ lib/samba4/private/libxattr-tdb-samba4.so %%AD_DC%%lib/shared-modules/bind9/dlz_bind9_11.so %%AD_DC%%lib/shared-modules/bind9/dlz_bind9_12.so %%AD_DC%%lib/shared-modules/bind9/dlz_bind9_13.so +%%AD_DC%%lib/shared-modules/bind9/dlz_bind9_14.so %%AD_DC%%lib/shared-modules/bind9/dlz_bind9_9.so %%AD_DC%%lib/shared-modules/bind9/dlz_bind9.so %%AD_DC%%lib/shared-modules/gensec/krb5.so
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201904091007.x39A7Mwn051439>