summaryrefslogtreecommitdiff
path: root/main/samba
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2017-10-25 06:33:38 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2017-10-25 06:35:34 +0000
commit427ff6422a5158b148b925494e82d2da9dd9cafb (patch)
treeaee631fe87ec193e0512ab4a9f5e04974c83c664 /main/samba
parent827f4bcd760cf400406186ba3b0cc42f171fee14 (diff)
downloadaports-427ff6422a5158b148b925494e82d2da9dd9cafb.zip
main/samba: security upgrade to 4.7.0
(CVE-2017-12150, CVE-2017-12151, CVE-2017-12163) fixes #7891
Diffstat (limited to 'main/samba')
-rw-r--r--main/samba/APKBUILD90
1 files changed, 38 insertions, 52 deletions
diff --git a/main/samba/APKBUILD b/main/samba/APKBUILD
index 6f04cfad467..d96c5c5273c 100644
--- a/main/samba/APKBUILD
+++ b/main/samba/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=samba
-pkgver=4.6.6
-pkgrel=1
+pkgver=4.7.0
+pkgrel=0
pkgdesc="Tools to access a server's filespace and printers via SMB"
url="http://www.samba.org"
arch="all"
@@ -40,7 +40,7 @@ depends="$pkgname-server=$pkgver-r$pkgrel
# note that heimdal is required (over mit krb5) for AD DC functionality
makedepends="popt-dev ncurses-dev openldap-dev e2fsprogs-dev
- talloc-dev tdb-dev py-tdb ldb-dev<1.2 cups-dev python2-dev libcap-dev
+ talloc-dev tdb-dev py-tdb ldb-dev>=1.2.2 cups-dev python2-dev libcap-dev
tevent-dev py-tevent iniparser-dev perl subunit-dev docbook-xsl
libarchive-dev acl-dev"
source="https://us1.samba.org/samba/ftp/stable/$pkgname-$pkgver.tar.gz
@@ -58,6 +58,10 @@ pkggroups="winbind"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 4.7.0-r0:
+# - CVE-2017-12150
+# - CVE-2017-12151
+# - CVE-2017-12163
# 4.6.1-r0:
# - CVE-2017-2619
@@ -93,25 +97,23 @@ build() {
--enable-cups \
--without-gettext \
--bundled-libraries=NONE,ntdb,roken,wind,hx509,asn1,heimbase,hcrypto,krb5,gssapi,heimntlm,hdb,kdc,cmocka \
- --disable-rpath-install \
- || return 1
- make || return 1
+ --disable-rpath-install
+ make
}
package() {
cd "$builddir"
- make DESTDIR="$pkgdir" install || return 1
+ make DESTDIR="$pkgdir" install
install -d "$pkgdir"/var/log/$pkgname \
- "$pkgdir"/usr/share/doc/$pkgname \
- || return 1
- install -dm755 "$pkgdir"/var/lib/$pkgname/sysvol || return 1
- install -Dm644 packaging/LSB/smb.conf \
- "$pkgdir"/etc/$pkgname/smb.conf || return 1
+ "$pkgdir"/usr/share/doc/$pkgname
+ install -dm755 "$pkgdir"/var/lib/$pkgname/sysvol
+ install -Dm644 examples/smb.conf.default \
+ "$pkgdir"/etc/$pkgname/smb.conf
install -Dm644 packaging/RHEL/setup/smbusers \
- "$pkgdir"/etc/$pkgname/smbusers || return 1
+ "$pkgdir"/etc/$pkgname/smbusers
install -m744 packaging/printing/smbprint \
- "$pkgdir"/usr/bin/smbprint || return 1
+ "$pkgdir"/usr/bin/smbprint
install -Dm644 "$srcdir"/$pkgname.logrotate \
"$pkgdir"/etc/logrotate.d/$pkgname
}
@@ -130,7 +132,7 @@ _mv_files() {
*/*) mkdir -p "$subpkgdir"/${i%/*};;
*) mkdir -p "$subpkgdir";;
esac
- mv "$pkgdir"/$i "$subpkgdir"/$i || return 1
+ mv "$pkgdir"/$i "$subpkgdir"/$i
done
}
@@ -140,8 +142,7 @@ common() {
cd "$pkgdir"
_mv_files \
etc \
- var \
- || return 1
+ var
install -d -m700 "$subpkgdir"/var/lib/$pkgname/private
}
@@ -152,8 +153,7 @@ _libs_py() {
cd "$pkgdir"
_mv_files \
usr/lib/$pkgname/libsamba-net-samba4.so \
- usr/lib/$pkgname/libsamba-python-samba4.so \
- || return 1
+ usr/lib/$pkgname/libsamba-python-samba4.so
return 0
}
@@ -169,8 +169,7 @@ _common_tools() {
usr/bin/smbpasswd \
usr/bin/testparm \
usr/lib/$pkgname/libgpo-samba4.so \
- usr/lib/$pkgname/libnet-keytab-samba4.so \
- || return 1
+ usr/lib/$pkgname/libnet-keytab-samba4.so
}
_common_server_libs() {
@@ -188,8 +187,7 @@ _common_server_libs() {
usr/lib/$pkgname/libsmbd-base-samba4.so \
usr/lib/$pkgname/libsmbd-conn-samba4.so \
usr/lib/$pkgname/libsmbldaphelper-samba4.so \
- usr/lib/$pkgname/pdb \
- || return 1
+ usr/lib/$pkgname/pdb
}
_common_libs() {
@@ -207,7 +205,7 @@ _common_libs() {
usr/lib/$pkgname/liblibsmb-samba4.so \
usr/lib/$pkgname/libmsrpc3-samba4.so \
usr/lib/$pkgname/libndr-samba4.so \
- || return 1
+ usr/lib/$pkgname/libMESSAGING-SEND-samba4.so
}
libsmbclient() {
@@ -215,8 +213,7 @@ libsmbclient() {
depends=
cd "$pkgdir"
_mv_files \
- usr/lib/libsmbclient.so.* \
- || return 1
+ usr/lib/libsmbclient.so.*
}
_client_libs() {
@@ -232,8 +229,7 @@ _client_libs() {
usr/lib/$pkgname/libhttp-samba4.so \
usr/lib/$pkgname/libnetif-samba4.so \
usr/lib/$pkgname/libregistry-samba4.so \
- usr/lib/$pkgname/libsmbclient-raw-samba4.so \
- || return 1
+ usr/lib/$pkgname/libsmbclient-raw-samba4.so
}
client() {
@@ -262,8 +258,7 @@ client() {
usr/bin/smbspool \
usr/bin/smbtar \
usr/bin/smbtree \
- usr/lib/$pkgname/smbspool_krb5_wrapper \
- || return 1
+ usr/lib/$pkgname/smbspool_krb5_wrapper
}
_server_libs() {
@@ -276,8 +271,7 @@ _server_libs() {
usr/lib/$pkgname/libidmap-samba4.so \
usr/lib/$pkgname/libnss-info-samba4.so \
\
- usr/lib/$pkgname/libnon-posix-acls-samba4.so \
- || return 1
+ usr/lib/$pkgname/libnon-posix-acls-samba4.so
}
@@ -290,8 +284,7 @@ winbind() {
_mv_files \
usr/sbin/winbindd \
usr/lib/$pkgname/idmap \
- usr/lib/$pkgname/nss_info \
- || return 1
+ usr/lib/$pkgname/nss_info
install -d -g winbind -m 750 \
"$subpkgdir"/var/cache/$pkgname/winbindd_privileged
}
@@ -303,8 +296,7 @@ libwbclient() {
_mv_files \
usr/lib/libwbclient.so.* \
usr/lib/$pkgname/libreplace-samba4.so \
- usr/lib/$pkgname/libwinbind-client-samba4.so \
- || return 1
+ usr/lib/$pkgname/libwinbind-client-samba4.so
}
_winbind_clients() {
@@ -313,8 +305,7 @@ _winbind_clients() {
cd "$pkgdir"
_mv_files \
usr/bin/ntlm_auth \
- usr/bin/wbinfo \
- || return 1
+ usr/bin/wbinfo
}
_libnss_winbind() {
@@ -323,8 +314,7 @@ _libnss_winbind() {
cd "$pkgdir"
_mv_files \
usr/lib/libnss_winbind.so* \
- usr/lib/libnss_wins.so* \
- || return 1
+ usr/lib/libnss_wins.so*
}
_winbind_krb5_locator() {
@@ -332,8 +322,7 @@ _winbind_krb5_locator() {
depends=
cd "$pkgdir"
_mv_files \
- usr/lib/winbind_krb5_locator.so \
- || return 1
+ usr/lib/winbind_krb5_locator.so
}
dc() {
@@ -410,8 +399,7 @@ server() {
\
usr/lib/$pkgname/auth \
usr/lib/$pkgname/libxattr-tdb-samba4.so \
- usr/lib/$pkgname/vfs \
- || return 1
+ usr/lib/$pkgname/vfs
}
@@ -421,8 +409,7 @@ pidl() {
cd "$pkgdir"
_mv_files \
usr/bin/pidl \
- usr/share/perl* \
- || return 1
+ usr/share/perl*
}
_py() {
@@ -443,8 +430,7 @@ _test() {
usr/bin/ndrdump \
usr/bin/smbtorture \
usr/lib/$pkgname/libdlz-bind9-for-torture-samba4.so \
- usr/lib/$pkgname/libtorture-samba4.so \
- || return 1
+ usr/lib/$pkgname/libtorture-samba4.so
}
libs() {
@@ -466,13 +452,14 @@ libs() {
usr/lib/$pkgname/libCHARSET3-samba4.so \
usr/lib/$pkgname/libaddns-samba4.so \
usr/lib/$pkgname/libasn1util-samba4.so \
- usr/lib/$pkgname/libauth-sam-reply-samba4.so \
usr/lib/$pkgname/libauthkrb5-samba4.so \
usr/lib/$pkgname/libcli-cldap-samba4.so \
usr/lib/$pkgname/libcli-ldap-common-samba4.so \
usr/lib/$pkgname/libcli-nbt-samba4.so \
usr/lib/$pkgname/libcli-smb-common-samba4.so \
usr/lib/$pkgname/libcliauth-samba4.so \
+ usr/lib/$pkgname/libcommon-auth-samba4.so \
+ usr/lib/$pkgname/libcmocka-samba4.so \
usr/lib/$pkgname/libdbwrap-samba4.so \
usr/lib/$pkgname/libflag-mapping-samba4.so \
usr/lib/$pkgname/libgenrand-samba4.so \
@@ -507,8 +494,7 @@ libs() {
usr/lib/$pkgname/libutil-cmdline-samba4.so \
usr/lib/$pkgname/libutil-reg-samba4.so \
usr/lib/$pkgname/libutil-setid-samba4.so \
- usr/lib/$pkgname/libutil-tdb-samba4.so \
- || return 1
+ usr/lib/$pkgname/libutil-tdb-samba4.so
# exit with error if some stuff stayed at main pack
rmdir "$pkgdir"/usr/lib/$pkgname \
"$pkgdir"/usr/share \
@@ -518,7 +504,7 @@ libs() {
"$pkgdir"/usr
}
-sha512sums="e06bdc83f44c449212f2e45a902e2ca547505a75e970166259b91d2093fb442cdfd456e724d0e842b674b4b8d5bdbe9072996d768c08ebd979a44b2494a59799 samba-4.6.6.tar.gz
+sha512sums="c69da34566ec672ed17f86ecf793154374c71dd33b588adceed5fbd9345d978a4ffeced5d3a4033edb4daedac2294ed088beed8cdde19724f9d03da54e22e4ee samba-4.7.0.tar.gz
b43809d7ecbf3968f5154c2ded6ed47dae36921f1895ea98bcce50557eb2ad39b736345ffb4214655ed3154c143c20431d248cde828285380bafbf4d2627df9b uclibc-xattr-create.patch
62d373dbaee75121a1d73f2c09cdca7239705808ff807b171d1d5a28fd4ffc66bdb52494b62786d7aaba8aeece5c08433b532ca96a28d712452fe9daac8d8d2e domain.patch
0d4fd9862191554dc9c724cec0b94fd19afbfd0c4ed619e4c620c075e849cb3f3d44db1e5f119d890da23a3dd0068d9873703f3d86c47b91310521f37356208b getpwent_r.patch