Hello community, here is the log from the commit of package samba for openSUSE:Factory checked in at 2015-12-18 21:51:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/samba (Old) and /work/SRC/openSUSE:Factory/.samba.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "samba" Changes: -------- --- /work/SRC/openSUSE:Factory/samba/samba.changes 2015-12-06 07:37:32.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.samba.new/samba.changes 2015-12-18 21:51:19.000000000 +0100 @@ -1,0 +2,17 @@ +Fri Dec 11 16:49:16 UTC 2015 - lmuelle@suse.com + +- Update to 4.3.3. + + Malicious request can cause Samba LDAP server to hang, spinning using CPU; + CVE-2015-3223; (bso#11325); (bnc#958581). + + Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599); + (bnc#958586). + + Insufficient symlink verification (file access outside the share); + CVE-2015-5252; (bso#11395); (bnc#958582). + + No man in the middle protection when forcing smb encryption on the client + side; CVE-2015-5296; (bso#11536); (bnc#958584). + + Currently the snapshot browsing is not secure thru windows previous version + (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583). + + Fix Microsoft MS15-096 to prevent machine accounts from being changed into + user accounts; CVE-2015-8467; (bso#11552); (bnc#958585). + +------------------------------------------------------------------- Old: ---- samba-4.3.2.tar.asc samba-4.3.2.tar.gz New: ---- samba-4.3.3.tar.asc samba-4.3.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ samba.spec ++++++ --- /var/tmp/diff_new_pack.c0dUYw/_old 2015-12-18 21:51:22.000000000 +0100 +++ /var/tmp/diff_new_pack.c0dUYw/_new 2015-12-18 21:51:22.000000000 +0100 @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -122,14 +122,14 @@ BuildRequires: systemd BuildRequires: systemd-devel %endif -%define samba_ver 4.3.2 +%define samba_ver 4.3.3 %define samba_ver_suffix %nil %if "%{samba_ver_suffix}" == "" -%define samba_source_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz -%define samba_source_signature_location http://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.asc +%define samba_source_location https://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.gz +%define samba_source_signature_location https://ftp.samba.org/pub/samba/stable/samba-%{version}.tar.asc %else -%define samba_source_location http://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.gz -%define samba_source_signature_location http://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.asc +%define samba_source_location https://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.gz +%define samba_source_signature_location https://ftp.samba.org/pub/samba/rc/samba-%{version}%{samba_ver_suffix}.tar.asc %endif %define samba_ver_full %{samba_ver}%{samba_ver_suffix} %if 0%{?suse_version} && 0%{?suse_version} < 1031 @@ -144,13 +144,13 @@ %else %define build_make_smp_mflags %{?jobs:-j%jobs} %endif -%define SOURCE_TIMESTAMP 3535 +%define SOURCE_TIMESTAMP 3552 %define BRANCH %{version} %global with_mitkrb5 1 %global with_dc 0 -Version: 4.3.2 +Version: 4.3.3 Release: 0 -Url: http://www.samba.org/ +Url: https://www.samba.org/ Provides: samba-gplv3 = %{version} Obsoletes: samba-gplv3 < %{version} %if 0%{?suse_version} > 1030 @@ -238,9 +238,9 @@ /etc/samba/smb.conf For a more detailed description of Samba, check the samba-doc package -or the Samba.org Web page at http://www.Samba.org/ +or the Samba.org Web page at https://www.Samba.org/ -Please check http://en.openSUSE.org/Samba for general information on +Please check https://en.openSUSE.org/Samba for general information on Samba as part of SUSE Linux Enterprise or openSUSE products, links to binary packages of the most current Samba version, and a bug reporting how to. @@ -277,9 +277,9 @@ be found in /etc/samba/smb.conf For a more detailed description of Samba, check the samba-doc package -or the Samba.org Web page at http://www.Samba.org/ +or the Samba.org Web page at https://www.Samba.org/ -Please check http://en.openSUSE.org/Samba for general information on +Please check https://en.openSUSE.org/Samba for general information on Samba as part of SUSE Linux Enterprise or openSUSE products, links to binary packages of the most current Samba version, and a bug reporting how to. ++++++ patches.tar.bz2 ++++++ ++++++ samba-4.3.2.tar.gz -> samba-4.3.3.tar.gz ++++++ /work/SRC/openSUSE:Factory/samba/samba-4.3.2.tar.gz /work/SRC/openSUSE:Factory/.samba.new/samba-4.3.3.tar.gz differ: char 5, line 1 ++++++ vendor-files.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/tools/package-data new/vendor-files/tools/package-data --- old/vendor-files/tools/package-data 2015-12-01 20:22:14.000000000 +0100 +++ new/vendor-files/tools/package-data 2015-12-16 17:42:05.000000000 +0100 @@ -1,2 +1,2 @@ # This is an autogenrated file. -SAMBA_PACKAGE_SVN_VERSION="3535" +SAMBA_PACKAGE_SVN_VERSION="3552"