unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed
* [bug#43553] [PATCH] gnu: samba: Update to 4.12.7 [security fixes].
@ 2020-09-21 19:02 Pierre Langlois
  2020-09-21 19:37 ` Efraim Flashner
  0 siblings, 1 reply; 3+ messages in thread
From: Pierre Langlois @ 2020-09-21 19:02 UTC (permalink / raw)
  To: 43553


[-- Attachment #1.1: Type: text/plain, Size: 407 bytes --]

Hello Guix!

I was just looking into fixing a Samba build issue for AArch64 (another
patch incoming :-) ). But noticed the package was out-of-date and there
were multiple CVEs fixes since then.

OK to commit?

I suppose this is trivial enough that I should be able to just push this
without asking first, right? I wasn't yet feeling confident enough with
my powers to do that just yet :-).

Thanks,
Pierre


[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 519 bytes --]

[-- Attachment #2: 0001-gnu-samba-Update-to-4.12.7-security-fixes.patch --]
[-- Type: text/x-patch, Size: 1586 bytes --]

From 8c61bd537da8f10c83e1e8e5718fbc2d3d874d1a Mon Sep 17 00:00:00 2001
From: Pierre Langlois <pierre.langlois@gmx.com>
Date: Mon, 21 Sep 2020 19:50:08 +0100
Subject: [PATCH] gnu: samba: Update to 4.12.7 [security fixes].

Fixes CVE-2020-1472 with 4.12.7.
Fixes CVE-2020-10730, CVE-2020-10745, CVE-2020-10760 and CVE-2020-14303
with 4.12.4.

* gnu/packages/samba.org (samba): Update to 4.12.7.
---
 gnu/packages/samba.scm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm
index 84e389340b..c04426c49c 100644
--- a/gnu/packages/samba.scm
+++ b/gnu/packages/samba.scm
@@ -8,6 +8,7 @@
 ;;; Copyright © 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2019 Rutger Helling <rhelling@mykolab.com>
+;;; Copyright © 2020 Pierre Langlois <pierre.langlois@gmx.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -173,14 +174,14 @@ external dependencies.")
 (define-public samba
   (package
     (name "samba")
-    (version "4.12.3")
+    (version "4.12.7")
     (source
      (origin
        (method url-fetch)
        (uri (string-append "https://download.samba.org/pub/samba/stable/"
                            "samba-" version ".tar.gz"))
        (sha256
-        (base32 "09w7aap1cjc41ayhaksm1igc7p7gl40fad4a1l6q4ds9a2jbrb9z"))
+        (base32 "1lkgih0vrarf5zy6chspkwarqdylzwr63nxr3qjkpazrs86nlm9h"))
        (modules '((guix build utils)))
        (snippet
         '(begin
-- 
2.28.0


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [bug#43553] [PATCH] gnu: samba: Update to 4.12.7 [security fixes].
  2020-09-21 19:02 [bug#43553] [PATCH] gnu: samba: Update to 4.12.7 [security fixes] Pierre Langlois
@ 2020-09-21 19:37 ` Efraim Flashner
  2020-09-21 19:47   ` bug#43553: " Pierre Langlois
  0 siblings, 1 reply; 3+ messages in thread
From: Efraim Flashner @ 2020-09-21 19:37 UTC (permalink / raw)
  To: Pierre Langlois; +Cc: 43553

[-- Attachment #1: Type: text/plain, Size: 800 bytes --]

On Mon, Sep 21, 2020 at 08:02:03PM +0100, Pierre Langlois wrote:
> Hello Guix!
> 
> I was just looking into fixing a Samba build issue for AArch64 (another
> patch incoming :-) ). But noticed the package was out-of-date and there
> were multiple CVEs fixes since then.
> 
> OK to commit?
> 
> I suppose this is trivial enough that I should be able to just push this
> without asking first, right? I wasn't yet feeling confident enough with
> my powers to do that just yet :-).
> 
> Thanks,
> Pierre
> 

Yeah, you can just go ahead and push it. Everything looks good.


-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

* bug#43553: [PATCH] gnu: samba: Update to 4.12.7 [security fixes].
  2020-09-21 19:37 ` Efraim Flashner
@ 2020-09-21 19:47   ` Pierre Langlois
  0 siblings, 0 replies; 3+ messages in thread
From: Pierre Langlois @ 2020-09-21 19:47 UTC (permalink / raw)
  To: Efraim Flashner; +Cc: Pierre Langlois, 43553-done

[-- Attachment #1: Type: text/plain, Size: 722 bytes --]


Efraim Flashner writes:

> On Mon, Sep 21, 2020 at 08:02:03PM +0100, Pierre Langlois wrote:
>> Hello Guix!
>> 
>> I was just looking into fixing a Samba build issue for AArch64 (another
>> patch incoming :-) ). But noticed the package was out-of-date and there
>> were multiple CVEs fixes since then.
>> 
>> OK to commit?
>> 
>> I suppose this is trivial enough that I should be able to just push this
>> without asking first, right? I wasn't yet feeling confident enough with
>> my powers to do that just yet :-).
>> 
>> Thanks,
>> Pierre
>> 
>
> Yeah, you can just go ahead and push it. Everything looks good.

Awesome, pushed with a2b25890ee37c017bc77a6b923577f258fa3fba0 !

Thanks,
Pierre


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 519 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2020-09-21 19:57 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-09-21 19:02 [bug#43553] [PATCH] gnu: samba: Update to 4.12.7 [security fixes] Pierre Langlois
2020-09-21 19:37 ` Efraim Flashner
2020-09-21 19:47   ` bug#43553: " Pierre Langlois

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).