commit 8add11ee76f9fed1e34d2edbbfe1c19ae5f3bac9 · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

samba4Full: 4.3.6 -> 4.3.8 (#14661)

Fixes the following security issues:
* CVE-2015-5370 (Multiple errors in DCE-RPC code)
* CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
* CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
* CVE-2016-2112 (LDAP client and server don't enforce integrity)
* CVE-2016-2113 (Missing TLS certificate validation)
* CVE-2016-2114 ("server signing = mandatory" not enforced)
* CVE-2016-2115 (SMB IPC traffic is not integrity protected)
* CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)

See http://badlock.org/ for details.

(cherry picked from commit 192dc27dc3694023dcaca6f5a34a2788172240d3)

authored by Tristan Helmich and committed by Franz Pletz 9 years ago 8add11ee e4098861

+2 -2

1 changed file

expand all

unified split

pkgs

servers

samba

4.x.nix

+2 -2

pkgs/servers/samba/4.x.nix

··· 18 with lib; 19 20 stdenv.mkDerivation rec { 21 - name = "samba-4.3.6"; 22 23 src = fetchurl { 24 url = "mirror://samba/pub/samba/stable/${name}.tar.gz"; 25 - sha256 = "0929fpk2pq4v389naai519xvsm9bzpar4jlgjxwlx1cnn6jyql9j"; 26 }; 27 28 patches =

··· 18 with lib; 19 20 stdenv.mkDerivation rec { 21 + name = "samba-4.3.8"; 22 23 src = fetchurl { 24 url = "mirror://samba/pub/samba/stable/${name}.tar.gz"; 25 + sha256 = "041b5frh4ikcka922aqhqjvlv4w2s7jycyykpvsknj0a79ncd79p"; 26 }; 27 28 patches =