From nobody Mon Dec 19 01:44:18 2022
X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Nb2Yt3XFLz1Grbd;
	Mon, 19 Dec 2022 01:44:18 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Nb2Yt368rz4Ghf;
	Mon, 19 Dec 2022 01:44:18 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1671414258;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fJfak5gKecU6tM0632CgalT1luH9TYBDLvVgZr5LEw4=;
	b=q/uX3fuahduy2LbNbZh5cjme+lRJM71th1vUu8RKKRp4BoAHi0W0vf6Yjh1tjQoK5HkNJ8
	J2HpN2ZJ7SGgPhDiaSmY3vyIYgMR2CHyZ/AdCHgN8KLE5Y62sKPFZDg9lvWUgP6EP2gZZn
	2vwhA5GaKl6nVnKkVKeQlHT1TyK3XfQx6UX1iWCr/rjuEo2IhF1VVSrht+Tmcgw3vfj+II
	2zxiuFswMKoZY68sjtLWl71vcp0sBmobVjU2M+98pWeYnkjHMm0rzKPNRsVurjrnui0ZDS
	zq0Nk8XrpMGNJpWgMQHpxaMNjYwypy7HnMumKquSH87tiNVlwEi/4Zakem+NOg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1671414258;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fJfak5gKecU6tM0632CgalT1luH9TYBDLvVgZr5LEw4=;
	b=KLoCZcNAva7ps9+Z/qA6iotEQVyHCDDlzrcyHZ50zi4JJrYfVqHMDHfwUNYgWEEPydDHJ9
	QgyUQiMprlQe3A3oRMWwR9GaTUgm1CVTWBraXejAoeMzNIHlOIH1jyxg2144THVxJcl7f/
	Rl0SxRWbG6DCSnW3mFXHYTIYRNnoBCVSq1jO1sPsBE0L92WT00tKUfb0rdYxD9CFAXVxH0
	KYYEi08BTdd1omW3iTK4AKlWp0R0OuZJnzAgXt+ang2q0VGpDCUyhOfxuWJQP+mXECPKyS
	YINTzeCoGnL8dzqUes8VH2pm3q+dUNsjYKqVe+kRPp4L+ZZcbnQoz/hq9iy8hw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1671414258; a=rsa-sha256; cv=none;
	b=BW7eV4Q02jKkfoXCciSQg3GTCCtvvwCSZYJDAvbH8muu+DcI08Oy5jPlCfOxodZ8r1+jFU
	K9eeTdAnnwiQw2NqclcwVdAaAl/3RHSGuh/6fWYbzYApMDw105FVevf91hD9W1C0KNyNRv
	VNSJhiSGOh8y8irf+YUgMbKoZkP5vpS9e6gmkitUVNLNhMtw0DpMVXU7VuEPBY6UO2c/0Q
	rIN91tXH3toKSD7c0J75rqmaCVvXAOMMq4ecfA2ylZoCGl1NS5738Kwm7Dd+mglABk/0sj
	nWUQglmDGOMXS1e14mvtBWc8JaV1VURpZnKI9AsC9GP8nzaIQmeoKft1s9+6hw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Nb2Yt27ZrzdSV;
	Mon, 19 Dec 2022 01:44:18 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2BJ1iI88092396;
	Mon, 19 Dec 2022 01:44:18 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2BJ1iIwB092395;
	Mon, 19 Dec 2022 01:44:18 GMT
	(envelope-from git)
Date: Mon, 19 Dec 2022 01:44:18 GMT
Message-Id: <202212190144.2BJ1iIwB092395@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: "Timur I. Bakeyev" <timur@FreeBSD.org>
Subject: git: 135b4febde36 - main - net/samba416: Security update for the recent Heimdal/KRB5 related vulnerabilities.
List-Id: Commit messages for all branches of the ports repository <dev-commits-ports-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
List-Help: <mailto:dev-commits-ports-all+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-all@freebsd.org
X-BeenThere: dev-commits-ports-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: timur
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 135b4febde36816397bbaf11538e2dc014849a72
Auto-Submitted: auto-generated
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by timur:

URL: https://cgit.FreeBSD.org/ports/commit/?id=135b4febde36816397bbaf11538e2dc014849a72

commit 135b4febde36816397bbaf11538e2dc014849a72
Author:     Timur I. Bakeyev <timur@FreeBSD.org>
AuthorDate: 2022-12-19 01:42:08 +0000
Commit:     Timur I. Bakeyev <timur@FreeBSD.org>
CommitDate: 2022-12-19 01:42:08 +0000

    net/samba416: Security update for the recent Heimdal/KRB5 related vulnerabilities.
    
    Security:       CVE-2022-38023
                    CVE-2022-37966
                    CVE-2022-37967
                    CVE-2022-45141
---
 net/samba416/Makefile                                         |  2 +-
 net/samba416/distinfo                                         |  6 +++---
 .../0099-s4-mitkdc-Add-support-for-MIT-Kerberos-1.20.patch    | 11 +++--------
 net/samba416/pkg-plist.python                                 |  2 ++
 4 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/net/samba416/Makefile b/net/samba416/Makefile
index a65c319d59fd..ee739448679f 100644
--- a/net/samba416/Makefile
+++ b/net/samba416/Makefile
@@ -50,7 +50,7 @@ EXTRA_PATCHES=			\
 
 SAMBA4_BASENAME=		samba
 SAMBA4_PORTNAME=		${SAMBA4_BASENAME}4
-SAMBA4_VERSION=			4.16.7
+SAMBA4_VERSION=			4.16.8
 SAMBA4_DISTNAME=		${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
 
 WRKSRC?=			${WRKDIR}/${DISTNAME}
diff --git a/net/samba416/distinfo b/net/samba416/distinfo
index 861116a873b6..ce567ea5e5e4 100644
--- a/net/samba416/distinfo
+++ b/net/samba416/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1668648463
-SHA256 (samba-4.16.7.tar.gz) = 02d38d5f9edcc776be3a7d60ad470b43980af2ba13c244fb78a57a41792734a6
-SIZE (samba-4.16.7.tar.gz) = 30622700
+TIMESTAMP = 1671402791
+SHA256 (samba-4.16.8.tar.gz) = bbb2959c86b3f220f59be8a3cecd26a8bf22ec8e0526f2343b58c9b866dc4185
+SIZE (samba-4.16.8.tar.gz) = 30682100
diff --git a/net/samba416/files/0099-s4-mitkdc-Add-support-for-MIT-Kerberos-1.20.patch b/net/samba416/files/0099-s4-mitkdc-Add-support-for-MIT-Kerberos-1.20.patch
index e38cf5214696..4507dc599075 100644
--- a/net/samba416/files/0099-s4-mitkdc-Add-support-for-MIT-Kerberos-1.20.patch
+++ b/net/samba416/files/0099-s4-mitkdc-Add-support-for-MIT-Kerberos-1.20.patch
@@ -913,20 +913,15 @@ diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
 index 3af8e92d7f2..f451ad1cec2 100755
 --- a/source4/selftest/tests.py
 +++ b/source4/selftest/tests.py
-@@ -963,7 +963,12 @@ for env in ['fileserver_smb1', 'nt4_member', 'clusteredmember', 'ktest', 'nt4_dc
+@@ -964,7 +964,7 @@ for env in ['fileserver_smb1', 'nt4_member', 'clustere
  have_fast_support = 1
  claims_support = 0
  compound_id_support = 0
 -tkt_sig_support = int('SAMBA4_USES_HEIMDAL' in config_hash)
-+if ('SAMBA4_USES_HEIMDAL' in config_hash or
-+    'HAVE_MIT_KRB5_1_20' in config_hash):
-+    tkt_sig_support = 1
-+else:
-+    tkt_sig_support = 0
-+
++tkt_sig_support = 1 if('SAMBA4_USES_HEIMDAL' in config_hash or 'HAVE_MIT_KRB5_1_20' in config_hash) else 0
+ full_sig_support = int('SAMBA4_USES_HEIMDAL' in config_hash)
  expect_pac = int('SAMBA4_USES_HEIMDAL' in config_hash)
  extra_pac_buffers = int('SAMBA4_USES_HEIMDAL' in config_hash)
- check_cname = int('SAMBA4_USES_HEIMDAL' in config_hash)
 diff --git a/wscript_configure_system_mitkrb5 b/wscript_configure_system_mitkrb5
 index efdbced6e78..b0640654260 100644
 --- a/wscript_configure_system_mitkrb5
diff --git a/net/samba416/pkg-plist.python b/net/samba416/pkg-plist.python
index 9b475e5d2dc0..7d86c1cb2e48 100644
--- a/net/samba416/pkg-plist.python
+++ b/net/samba416/pkg-plist.python
@@ -274,12 +274,14 @@ lib/samba4/private/libsamba-python%%PYTHON_EXT_SUFFIX%%-samba4.so
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/as_canonicalization_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/as_req_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/compatability_tests.py
+%%PYTHON_SITELIBDIR%%/samba/tests/krb5/etype_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/fast_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/kcrypto.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/kdc_base_test.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/kdc_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/kdc_tgs_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/kpasswd_tests.py
+%%PYTHON_SITELIBDIR%%/samba/tests/krb5/lockout_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/ms_kile_client_principal_lookup_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/pac_align_tests.py
 %%PYTHON_SITELIBDIR%%/samba/tests/krb5/raw_testcase.py